Peter Reuterås edited this page Nov 16, 2023 · 36 revisions
I'll start moving examples that can be run with Jupyter Notebooks under setup/jupyter to be able to automate investigations as much as possible. At the moment there are notebooks for
Below are sections, similar to the REMnux docs, with examples of how to use the tools included in dfirws.
- Investigate JavaScript
- Investigate Office files
- Investigate PDF
- Investigate PowerShell
- Examples using Didier Stevens tools
- General tools
Available tools and git repositories.
- A set of Git repositories is downloaded to *C:\git*; you can find the current list here.
- Tools
- TODO
This project started with the code in Windows Sandbox Configuration and the need to run tools in an environment where it isn't possible to install tools on the client directly but where it may be possible to run a Windows sandbox.
Getting started and customize dfirws. Also look at Samples to test the included tools.
Use Jupyter notebooks or look at tools and tips to investigate different file types:
- File system forensics and data recovery
- Investigate Email
- Investigate JavaScript files
- Investigate MSI-files
- Investigate Office files
- Investigate OneNote file
- Investigate PDF files
- Investigate PE files
- Investigate PowerShell
- Network forensics
- Windows forensics
- Available tools
- Examples using Didier Stevens tools
- General tools