SHOP DFIR Gear
All proceeds from DFIR Merchandise go to Girls Who Code.
SANS DFIR Training
SANS DFIR Courses will teach you how to detect compromised systems, identify how and when a breach occurred, understand what attackers took or changed, and successfully contain and remediate incidents.
SIFT Workstation is available to the digital forensics and incident response community as a public service. SIFT features powerful, cutting-edge open-source tools that are freely available and frequently updated, and it can match any modern DFIR tool suite.
REMnux® is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can examine malware, yet might be difficult to locate or set up.
The SOF-ELK platform is a customized build of the open source ELK stack, consisting of the Elasticsearch storage and search engine, Logstash ingestion and enrichment component, and the Kibana dashboard frontend.
Incident Responders are on the front lines of intrusion investigations. Eric Zimmerman's Tools (EZ Tools) aim to support DFIR analysts in their quest to uncover the truth.