There are 1 repository under live-response topic.
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
This is a Live Response script to help incident responders to acquire data, contain and recover.
Incident Forensic Response In Terminal script for linux
File and file meta information collect using PowerShell in Live Response environment.
A Firefox extension to encrypt files downloaded through Microsoft 365 Defender's Live Response Sessions.
Parse IIS applicationHost.config to generate CSV file.