DFIRVault

Blog

Tooling and Software Windows Forensics
Jacob Wilson
Aug 19, 2025

Automating Windows Event Log Analysis with Chainsaw Event Log Scanner

As a cybersecurity enthusiast, I’m always exploring ways to streamline digital forensics and incident response workflows....

Read More
Tooling and Software
Jacob Wilson
Aug 4, 2025

Splunk DFIR Case Manager

Why I Built This ToolAs a cybersecurity professional, I frequently work with Splunk for log management, threat detection,...

Read More
Tooling and Software
Jacob Wilson
Aug 4, 2025

CSV Splitter

When working in digital forensics or threat intelligence, CSVs from SIEM tools, sandboxes, or log aggregators...

Read More
Tooling and Software
Jacob Wilson
Jun 24, 2025

NGINX log parser

During DFIR investigations, especially in NGINX environments, we’re often handed a messy directory full of rotated...

Read More
Incident Response LLM / AI Tooling and Software
Jacob Wilson
Jun 23, 2025

Connecting Splunk with LLM

Why Use LLMs for DFIR in Splunk?As DFIR professionals, we deal with massive volumes of logs—security...

Read More
Threat Hunting Tooling and Software
Jacob Wilson
Jun 22, 2025

DFIR THOR Drive Scanner – Fast Forensic Scans with One Click

🔍 THOR Drive Scanner – Fast Forensic Scans with One ClickNeed to scan a mounted drive...

Read More
1 2 3 4

Popular Categories

Popular Posts

VaultMirror – Robust Evidence Sync for the DFIR Professional By Jacob Wilson January 21, 2026
FivePM – Threat Hunter By Jacob Wilson November 6, 2025
CrowdStrike Investigator By Jacob Wilson September 24, 2025

Popular Tags

AI Archiving Chainsaw Crowdstrike CSV CSV2ELK DFIR Elastic ELK FivePM Hayabusa Incident Response LLM Malware Analysis NGINX Ollama OSINT SFTP Splunk THOR Threat Hunting ThreatHunting timeline Tooling