PowerShell Digital Forensics & Incident Response Scripts.
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
Over 100K open-source YARA signatures evaluated against over 280K files to give insights into the performance of each YARA rule.
A tool for fetching DFIR and other GitHub tools.
Comprehensive suite of PowerShell and VBScript tools automates Active Directory tasks, advances forensic analysis, and simplifies script creation. Designed for managing Windows Servers and workstations, these tools ensure accuracy, efficiency, security, scalability, and adaptability, optimizing daily operations, performance, and system compliance.
PowerShell tool that helps to parse and analyze Ivanti Secure Connect logs. It could help forensic investigations by giving more visibility into, and a more detailed view of, the "vc0" logs.
Windows artifact collector to facilitate forensic work
DFIR-Orc GetThis tool configuration generator.