Lists (22)
AI Tools
Blue Team
BlueTeamNotes
Crowdstrike
FOR610
Forensics
These are forensic specific apps
GNFA
KAPE Stuff
KQL
Learning
Lists
macOS Forensics
Malware Analysis
Memory forensics
Miscellaneous
Network Forensics
OSINT
Red Team
RedTeamNotes
Threat Hunting
Wordlists
Yara
Stars
An OSINT Mapping tool for research.
Desktop KQL query builder for Microsoft security and Azure services - 52 tables across Defender, Sentinel, Entra ID, Azure Monitor, App Insights, and more
Cybersecurity lists of TLDs, domains and URLs for threat hunting and posture policy (warn or block)
A collection of Azure AD/Entra tools for offensive and defensive security purposes
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, Windows 10, and Windows 11
Tools for Live Acquisition and Incident Response
After installing Kali Linux, I use this guide to set up my Laptop
This Repository contains a collection of Linux Post-Install Scripts based on different Linux-Distros.
Files, that will get Synced if you run a --sync on dfir-installer
Install every tool and every needed software for your DFIR (/SRE/PEN/OSINT/TCI) workstation. This Tool is doing the work for you, everything after installing Windows (and update).
A How to Step by Step Guide of how I set up my Forensic Workstations and create a golden Image out of it.
Browse Windows Recycle Bin from E01 forensic images with Explorer-style interface. Parse $I/$R artifacts, view deleted files in original folder structure, export with timestamps & hash calculation.…
A unified investigation cockpit built for CSIRT / SOC / DFIR teams. Ingest, correlate and visualise any forensic source in a real-time interface.
MCP implementation of PCAP file analysis tools to bring functionality to SOC and DFIR AI agents.
AI-Based Memory Forensics Assistant - Flask application for forensic memory dump analysis
The SOLVE-IT knowledge base for digital forensics
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
PowerShell directory size analyzer with visual tree display, color-coded output, and admin privilege handling. Fast, efficient, and File Explorer-like hierarchy visualization.
A comprehensive PowerShell toolkit for RDP forensics analysis, tracking connection attempts, authentication, sessions, and logoffs across Windows Event Logs for security monitoring and incident res…
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
Volatility plugins developed and maintained by the community
Miscellaneous PowerShell and Python scripts related to YARA, Malware and Timeline Analysis.
List of free GPTs that don't require plus subscription