Home
Vault
GitHub
EDR Threat Hunt Queries
About

Home
Vault
GitHub
EDR Threat Hunt Queries
About

Search for:

Home
Vault
GitHub
EDR Threat Hunt Queries
About

Search for:

Blog

Cloud Forensics Incident Response Threat Hunting Tooling and Software

Jacob Wilson

May 21, 2025

CSV2ELK

Why I Built ThisAs a DFIR professional, I constantly deal with:CSV exports from SIEMs, firewalls, and malware...

Tooling and Software

Jacob Wilson

Apr 7, 2025

Setting up logontracer daemon

Step 1 – Create Bash Script: Touch logontracer_run.sh Chmod +x logontracer_run.sh Nano logontracer_run.sh #!/bin/bash # Get...

Prev 1 2 3 4

Search

Search for:

Popular Categories

Cloud Forensics
Featured
Incident Response
LLM / AI
Malware Analysis
Threat Hunting
Tooling and Software
Windows Forensics

Popular Posts

DFIR Copilot: LLM-Powered Investigations Directly Inside Splunk By Jacob Wilson February 6, 2026

VaultMirror – Robust Evidence Sync for the DFIR Professional By Jacob Wilson January 21, 2026

FivePM – Threat Hunter By Jacob Wilson November 6, 2025

Popular Tags

AI Archiving Chainsaw Crowdstrike CSV CSV2ELK DFIR Elastic ELK FivePM Hayabusa Incident Response LLM Malware Analysis NGINX Ollama OSINT SFTP Splunk THOR Threat Hunting ThreatHunting timeline Tooling

Navigation

Home
Vault
GitHub
EDR Threat Hunt Queries
About

Categories

Malware Analysis
Incident Response
Tooling and Software

Github X-twitter Youtube Linkedin

© 2025 DFIR Vault. All rights reserved.