Dfir Automation Python Packages

generaptor

CLI generator for Velociraptor offline collector

537 16 4

edf-helium-core

Collaborative Forensic Collections Manager

424 1 2

edf-helium-server

Collaborative Forensic Collections Manager

411 1 2

edf-helium-client

Collaborative Forensic Collections Manager

392 1 2

edf-plasma-dissectors

Extract and normalize information from forensics artifacts

351 5 3

edf-plasma-core

Extract and normalize information from forensics artifacts

315 5 3

mem-forensics-mcp

Unified Memory Forensics MCP Server - Multi-tier engine combining Rust speed with Vol3 coverage.

311 4 0

edf-plasma-cli

Extract and normalize information from forensics artifacts

290 5 3

varc

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

216 254 14

crowdstrike-client

CrowdStrike API Client Library

163 0 0

edf-carbon-core

EDF Carbon Core Library

153 2 2

edf-carbon-client

EDF Carbon Client

152 2 2

edf-carbon-server

EDF Carbon Server

146 2 2

edf-iron-server

Unified cases, seamless integrations

130 1 2

edf-iron-core

EDF Iron Core

129 1 2

edf-neon-server

Minimalist Collaborative Malware DB Management

128 1 2

edf-neon-core

EDF Neon Core

127 1 2

edf-iron-client

Unified cases, seamless integrations

120 1 2

edf-neon-client

EDF Neon Client

111 1 2

edf-iron-x-iris

EDF Iron x DFIR IRIS Proxy

105 1 2

urlbreakdown

splits a URL into individual components, unescapes arguments, and performs light calculations for manual or automated analysis

91 1 0

edf-fossil

A post-mortem analysis tool for raw disk/partition images

45 0 1