Rust Dfir Resources

Prefetch Hash Cracker Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While its conten

LOKI2 LOKI - Simple IOC and YARA Scanner Status Work in Progress. This version is not ready for use. There's still some work to do for a first release

fennec is an artifact collection tool written in Rust to be used during incident response on *nix based systems. fennec allows you to write a configuration file that contains how to collect artifacts.