Dfir Automation Python Packages

edf-plasma-dissectors

Extract and normalize information from forensics artifacts

510 5 3

edf-plasma-core

Extract and normalize information from forensics artifacts

500 5 3

edf-plasma-cli

EDF Plasma CLI

443 5 3

generaptor

A generator for Velociraptor-based offline collectors

288 16 4

mem-forensics-mcp

Unified Memory Forensics MCP Server - Multi-tier engine combining Rust speed with Vol3 coverage.

256 4 0

crowdstrike-client

A Non-oficial crowdstrike client API

231 0 0

edf-helium-server

EDF Helium Server

203 1 2

edf-helium-client

EDF Helium Client

200 1 2

edf-helium-core

EDF Helium Core

200 1 2

edf-carbon-server

EDF Carbon Server

169 2 2

varc

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

167 254 14

edf-carbon-core

EDF Carbon Core Library

167 2 2

edf-carbon-client

EDF Carbon Client

166 2 2

edf-neon-server

EDF Neon Server

156 1 2

edf-neon-core

EDF Neon Core

151 1 2

edf-iron-server

Unified cases, seamless integrations

147 1 2

edf-iron-core

EDF Iron Core

147 1 2

edf-neon-client

EDF Neon Client

135 1 2

edf-iron-client

Iron Client

135 1 2

edf-iron-x-iris

EDF Iron x DFIR IRIS Proxy

127 1 2

urlbreakdown

splits a URL into individual components, unescapes arguments, and performs light calculations for manual or automated analysis

78 1 0

edf-fossil

A post-mortem analysis tool for raw disk/partition images

59 0 1