DFIRVault

Blog

Incident Response Threat Hunting Tooling and Software
Jacob Wilson
Nov 6, 2025

FivePM – Threat Hunter

It’s 4:55 PM. You’re done for the day. Then — *ping* — “Possible compromise.”Meet **FivePM**: the...

Read More
Incident Response Threat Hunting Tooling and Software
Jacob Wilson
Sep 24, 2025

CrowdStrike Investigator

 I’ve just released a new tool: CrowdStrike AID Timeliner.This script helps investigators quickly build timelines around...

Read More
Tooling and Software Windows Forensics
Jacob Wilson
Aug 27, 2025

SFTP Monitor Tool

In digital forensics and incident response (DFIR), one recurring pain point I’ve seen is managing the...

Read More
Incident Response Tooling and Software Windows Forensics
Jacob Wilson
Aug 20, 2025

Hayabusa Scanner Menu

Streamlining Windows Event Log Analysis with My Hayabusa Scanner Menu ToolFor many DFIR analysts, hunting through...

Read More
Featured Malware Analysis
Jacob Wilson
Aug 19, 2025

Dynamic Malware Analysis on an ELK Stack

Recently i begun setting up a home lab with an Elasticsearch server and a seperate vm...

Read More
Tooling and Software Windows Forensics
Jacob Wilson
Aug 19, 2025

Automating Windows Event Log Analysis with Chainsaw Event Log Scanner

As a cybersecurity enthusiast, I’m always exploring ways to streamline digital forensics and incident response workflows....

Read More
1 2 3

Popular Categories

Popular Posts

FivePM – Threat Hunter By Jacob Wilson November 6, 2025
CrowdStrike Investigator By Jacob Wilson September 24, 2025
SFTP Monitor Tool By Jacob Wilson August 27, 2025

Popular Tags

AI Chainsaw Crowdstrike CSV CSV2ELK DFIR Elastic ELK FivePM Hayabusa Incident Response LLM Malware Analysis NGINX Ollama OSINT SFTP Splunk THOR Threat Hunting ThreatHunting timeline Tooling