Dump of organized knowledge on DFIR
scripts
GeneralThreatHunt.md
LinuxLateralDetection.md
LinuxProfileCreation.md
LinuxVolatileCollection
LogIntelligence.md
Malware_Families.md
MemoryForensic.txt
Open-source Intel.md
Powershell Blueteam.txt
Readme.md
ToolsOfTheGame.md
WinAttackDefense.md
WindowsLateralDetection.md
Windows_Artifacts.md
secOnionRelations.md
wmi-notes

dfir

Mark McCurdy

I spent most of my prior life as a 'nix administrator. As part of the DFIR crowd that fosters sharing, this has been my live documentation, which I edit as I learn more and as I reorganize. The output here is data absorbed and restructured from various sources so that it makes sense through all the noise in the way I operate. Besides techniques and procedures, my toolset list focuses on the broad spectrum of tools for performing forensics on Windows and Linux systems. Mac is on the horizon to start.

It'll mature over time.