Skip to content
@dfir-dd

dfir-dd

README.md

DFIR-DD Team Site

Who are we?

A team of incident responders and forensic analysts, currently working at BDO Cyber Security in Dresden.

Need to contact us? Send a mail to [email protected].

Our tools

Tool What does it do ?
DFIR Toolkit Collection of CLI tools for Windows forensic analysis
dionysos Scanner for various IoCs, esp. yara-based
Dissect Triage A binary to collect triage data from Windows Systems, based on dissect
Kirby Parse several forensic artifacts from a windows (triage) image, based on dissect

Popular repositories Loading

  1. dfir-toolkit dfir-toolkit Public archive

    CLI tools for forensic investigation of Windows artifacts

    Rust 345 29

  2. incident-response-playbooks incident-response-playbooks Public

    Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents

    49 4

  3. dionysos dionysos Public

    Scanner for certain IoCs

    Rust 11 2

  4. nt-hive2 nt-hive2 Public archive

    Windows registry parser library build upon BinRead

    Rust 7 3

  5. velociraptor-artifacts velociraptor-artifacts Public

    Custom Artifacts for Rapid7 Velociraptor Software

    2

  6. kirby kirby Public

    A script to parse several forensic artifacts of given windows (triage) images, using dissect

    Python 1

Repositories

Showing 10 of 12 repositories
View all repositories

Top languages

Loading…

Most used topics

Loading…