DFIRVault

Blog

Tooling and Software
Jacob Wilson
Aug 4, 2025

Splunk DFIR Case Manager

Why I Built This ToolAs a cybersecurity professional, I frequently work with Splunk for log management, threat detection,...

Read More
Tooling and Software
Jacob Wilson
Aug 4, 2025

CSV Splitter

When working in digital forensics or threat intelligence, CSVs from SIEM tools, sandboxes, or log aggregators...

Read More
Tooling and Software
Jacob Wilson
Jun 24, 2025

NGINX log parser

During DFIR investigations, especially in NGINX environments, we’re often handed a messy directory full of rotated...

Read More
Featured Incident Response LLM / AI Tooling and Software
Jacob Wilson
Jun 23, 2025

Connecting Splunk with LLM

Why Use LLMs for DFIR in Splunk?As DFIR professionals, we deal with massive volumes of logs—security...

Read More
Threat Hunting Tooling and Software
Jacob Wilson
Jun 22, 2025

DFIR THOR Drive Scanner – Fast Forensic Scans with One Click

🔍 THOR Drive Scanner – Fast Forensic Scans with One ClickNeed to scan a mounted drive...

Read More
Tooling and Software
Jacob Wilson
Jun 21, 2025

DFIR Case Manager

📁 DFIR Case Manager – Simple Case Workflow in a ClickManaging forensic case folders shouldn't be...

Read More
1 2 3

Popular Categories

Popular Posts

FivePM – Threat Hunter By Jacob Wilson November 6, 2025
CrowdStrike Investigator By Jacob Wilson September 24, 2025
SFTP Monitor Tool By Jacob Wilson August 27, 2025

Popular Tags

AI Chainsaw Crowdstrike CSV CSV2ELK DFIR Elastic ELK FivePM Hayabusa Incident Response LLM Malware Analysis NGINX Ollama OSINT SFTP Splunk THOR Threat Hunting ThreatHunting timeline Tooling