dfir-dd

DFIR-DD Team Site

Who are we?

A team of incident responders and forensic analysts, currently working at BDO Cyber Security in Dresden.

Need to contact us? Send a mail to info@dfir-dd.de.

Our tools

| Tool | What does it do? |
| --- | --- |
| DFIR Toolkit | Collection of CLI tools for Windows forensic analysis |
| dionysos | Scanner for various IoCs, especially YARA-based ones |
| Dissect Triage | A binary to collect triage data from Windows systems, based on dissect |
| Kirby | Builds a quick timeline based on dissect |

Popular repositories

  1. dfir-toolkit (Public)

    CLI tools for forensic investigation of Windows artifacts

    Rust 238 20

  2. incident-response-playbooks (Public)

    Digital Forensic Analysis and Incident Response Playbooks to handle real-world security incidents

    33 3

  3. dionysos (Public)

    Scanner for certain IoCs

    Rust 10 2

  4. nt-hive2 (Public)

    Windows registry parser library built upon BinRead

    Rust 6 2

  5. kirby (Public)

    Python 1

  6. packer (Public)

    Packer templates to build Vagrant base boxes

    Shell 1
