DFIRVault

Blog

Featured LLM / AI Threat Hunting Tooling and Software
Jacob Wilson
Feb 6, 2026

DFIR Copilot: LLM-Powered Investigations Directly Inside Splunk

As DFIR professionals, we spend a huge amount of time staring at Splunk searches—trying to turn...

Read More
Featured
Jacob Wilson
Jan 21, 2026

VaultMirror – Robust Evidence Sync for the DFIR Professional

In the world of Digital Forensics and Incident Response, data integrity and availability are everything. Whether...

Read More
Featured Incident Response Threat Hunting Tooling and Software
Jacob Wilson
Nov 6, 2025

FivePM – Threat Hunter

It’s 4:55 PM. You’re done for the day. Then — *ping* — “Possible compromise.” Meet **FivePM**:...

Read More
Incident Response Threat Hunting Tooling and Software
Jacob Wilson
Sep 24, 2025

CrowdStrike Investigator

 I’ve just released a new tool: CrowdStrike AID Timeliner.This script helps investigators quickly build timelines around...

Read More
Tooling and Software Windows Forensics
Jacob Wilson
Aug 27, 2025

SFTP Monitor Tool

In digital forensics and incident response (DFIR), one recurring pain point I’ve seen is managing the...

Read More
Incident Response Tooling and Software Windows Forensics
Jacob Wilson
Aug 20, 2025

Hayabusa Scanner Menu

Streamlining Windows Event Log Analysis with My Hayabusa Scanner Menu ToolFor many DFIR analysts, hunting through...

Read More
1 2 3 4

Popular Categories

Popular Posts

DFIR Copilot: LLM-Powered Investigations Directly Inside Splunk By Jacob Wilson February 6, 2026
VaultMirror – Robust Evidence Sync for the DFIR Professional By Jacob Wilson January 21, 2026
FivePM – Threat Hunter By Jacob Wilson November 6, 2025

Popular Tags

AI Archiving Chainsaw Crowdstrike CSV CSV2ELK DFIR Elastic ELK FivePM Hayabusa Incident Response LLM Malware Analysis NGINX Ollama OSINT SFTP Splunk THOR Threat Hunting ThreatHunting timeline Tooling