CIRTKit – One DFIR console

CIRTKit is not just a collection of tools, but also a framework to aid in the ongoing unification of Incident Response and Forensics investigation processes.

Investigations are the core of this framework. The IR process generates large amounts of data during investigations. Normally this data is stored in ticketing systems, governance and risk systems, or some other form of persistent data storage.

The framework aims to bring core DFIR (Digital Forensics and Incident Response) tools into one console, centralizing the investigation process. There are many tools available that incident responders use to collect, parse, and interpret data. The currently available integration is with CarbonBlack, with more on the list.

You can read more and download this tool over here: https://github.com/opensourcesec/CIRTKit
