VaultMirror – Robust Evidence Sync for the DFIR Professional
In the world of Digital Forensics and Incident Response, data integrity and availability are everything. Whether you are syncing evidence...
A curated collection of insights, techniques, and discoveries from real-world digital forensics investigations and incident response cases.
In the world of Digital Forensics and Incident Response, data integrity and availability are everything. Whether you are syncing evidence...
In the world of Digital Forensics and Incident Response, data integrity and...
I’ve just released a new tool: CrowdStrike AID Timeliner.This script helps investigators...
In digital forensics and incident response (DFIR), one recurring pain point I’ve...
Streamlining Windows Event Log Analysis with My Hayabusa Scanner Menu ToolFor many...
Recently i begun setting up a home lab with an Elasticsearch server...
As a cybersecurity enthusiast, I’m always exploring ways to streamline digital forensics...
Why I Built This ToolAs a cybersecurity professional, I frequently work with Splunk for...
When working in digital forensics or threat intelligence, CSVs from SIEM tools,...
During DFIR investigations, especially in NGINX environments, we’re often handed a messy...
Why Use LLMs for DFIR in Splunk?As DFIR professionals, we deal with...
🔍 THOR Drive Scanner – Fast Forensic Scans with One ClickNeed to...
📁 DFIR Case Manager – Simple Case Workflow in a ClickManaging forensic...
As a digital forensics and incident response (DFIR) professional, I'm always looking...
Digital Forensics and Incident Response (DFIR) professionals know that speed and efficiency...
When we work with a large amount of logs, sometimes millions or...
Step 1 – Create Bash Script: Touch logontracer_run.sh Chmod +x logontracer_run.sh Nano...
DFIR Vault is a personal blog dedicated to sharing insights, techniques, and discoveries from real-world digital forensics investigations and incident response engagements.
My name is Jacob Wilson, and with over a decade of experience in the cybersecurity field, I’ve encountered countless unique challenges during investigations. This repository serves as both a personal knowledge base for myself and also a resource for the wider DFIR community.
Find me using the below links:
