GitHub

Digital Forensics - Windows Registry.txt

A complete hands-on reference of 46 Windows persistence techniques used by real-world APT groups. Each technique includes MITRE ATT&CK TTP mapping, known threat actor attribution, attack commands, ...
GitHub

AEGIS — Autonomous Evidence & Guided Investigation System

An autonomous DFIR agent that wraps the SANS SIFT Workstation's forensic tooling behind a typed, read-only MCP server and drives a self-correcting triage loop that thinks like a senior analyst — ...