urlscan.io logo urlscan.io
SecurityTrails logo

dfiq.org Open in urlscan Pro
2606:50c0:8000::153  Public Scan

Back to summary
URL: https://dfiq.org/?utm_medium=email
Submission: On August 24 via api from US — Scanned from DE

Form analysis 1 forms found in the DOM

Name: search 

<form class="md-search__form" name="search">
  <input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required="">
  <label class="md-search__icon md-icon" for="__search">
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
      <path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"></path>
    </svg>
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
      <path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"></path>
    </svg>
  </label>
  <nav class="md-search__options" aria-label="Search">
    <button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
      <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
        <path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"></path>
      </svg>
    </button>
  </nav>
</form>

Text Content

Skip to content

DFIQ (Digital Forensics Investigative Questions)
Home
Type to start searching
GitHub
 * 159
 * 10

 * Home
 * Tags
 * Questions
 * Scenarios

DFIQ (Digital Forensics Investigative Questions)
GitHub
 * 159
 * 10

 * Home Home
   Table of contents
    * Key Aspects of DFIQ:
    * Get Started!

 * Tags
 * Questions
   Questions
    * What files were downloaded using a web browser?
    * What pages did web browsers visit?
    * What Chrome extensions are installed?
    * Have there been any executions of PsExec?
    * Have there been any executions of PsExeSrv?

 * Scenarios
   Scenarios
    * Data Exfiltration
    * Data Infiltration
    * Suspicious DNS Query
    * Cloud Project Compromise Assessment
    * Host Persistence Audit
    * Lateral Movement

Table of contents
 * Key Aspects of DFIQ:
 * Get Started!


DIGITAL FORENSICS INVESTIGATIVE QUESTIONS





DFIQ is a collection of Digital Forensics Investigative Questions and the
approaches to answering them. The goal of the project is to build a
comprehensive catalog of investigative knowledge to help drive consistent,
thorough, and explainable investigations.


KEY ASPECTS OF DFIQ:

 * DFIQ is a catalog of investigative knowledge, centered on Questions
 * Uses the concept of Scenarios to logically group Questions and help structure
   investigations
 * Stores data in an easily-readable, tool-agnostic format (YAML) to be used by
   others






GET STARTED!

View Questions   View Scenarios



Back to top