Incident Response - DFIRVault

Tooling and Software

June 24, 2025

NGINX log parser

During DFIR investigations, especially in NGINX environments, we’re often handed a messy directory full of rotated and compressed log files — access.log, access.log-20250624, error.log-20250623.xz, and so on.Sound familiar?To streamline this chaos, I built a...

Threat Hunting, Tooling and Software

June 22, 2025

DFIR THOR Drive Scanner – Fast Forensic Scans with One Click

🔍 THOR Drive Scanner – Fast Forensic Scans with One ClickNeed to scan a mounted drive with THOR Lite? I built a no-fuss batch utility to automate it — THOR Drive Scanner.⚡ What It...

Tooling and Software

June 21, 2025

DFIR Case Manager

📁 DFIR Case Manager – Simple Case Workflow in a ClickManaging forensic case folders shouldn't be a chore. That’s why I built DFIR Case Manager, a no-frills batch utility that automates your case structure...

Incident Response, Threat Hunting, Tooling and Software

June 12, 2025

Splunk DFIR Dashboard Collection

Digital Forensics and Incident Response (DFIR) professionals know that speed and efficiency are critical during investigations. The Splunk DFIR Dashboard Collection is a treasure trove of ready-to-use Splunk dashboards designed to streamline forensic analysis and provide...

NGINX log parser

DFIR THOR Drive Scanner – Fast Forensic Scans with One Click

DFIR Case Manager

Splunk DFIR Dashboard Collection

Navigation

Categories