Automate the creation of a lab environment complete with security tooling and logging best practices

• UpdatedJul 6, 2024
• HTML

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

• UpdatedAug 17, 2025
• PowerShell

A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog:https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

• UpdatedMar 21, 2025
• Python

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

• UpdatedNov 18, 2024
• Python

A curated list of tools for incident response. With repository stars⭐ and forks🍴

• UpdatedDec 16, 2025

Graph Visualization for windows event logs

• UpdatedJan 15, 2025
• Python

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

• UpdatedNov 2, 2022
• HTML

Rip Raw is a small tool to analyse the memory of compromised Linux systems.

• UpdatedJan 31, 2022
• Python

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service -https://circl.lu/services/hashlookup/

• UpdatedSep 24, 2023
• Python

Fast lookup server for NSRL and other hash database used in digital forensic

• UpdatedJun 16, 2022
• Python

unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

• UpdatedJun 10, 2025
• Shell

Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing

• UpdatedNov 24, 2025
• Python

MAES: M365 Analyzer & Extractor Suite Po

• UpdatedDec 2, 2025
• JavaScript

Simple Imager has been created for performing live acquisition of Windows based systems in a forensically sound manner

• UpdatedOct 28, 2025
• Batchfile

Automatically create iSCSI targets for all drives except for a boot device

• UpdatedMay 23, 2025
• Python

A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.

• UpdatedApr 16, 2021
• HCL

Easy automated vagrant provisioning of Windows 10 with flarevm tools installed for Digital Forensics and Malware Analysis Lab.

• UpdatedMay 29, 2022
• HCL

Toolset to analyze disks encrypted with McAFee FDE technology

• UpdatedMar 11, 2021
• Python

ActiveMime File Format Documentation

• UpdatedJun 28, 2021
• Python

Sabonis, a Digital Forensics and Incident Response pivoting tool

• UpdatedMar 3, 2022
• Python