Reference · livelib-skill:security-research--incident-forensics
incident-forensics overview
Digital forensics and incident response capabilities. Analyze memory dumps with Volatility, parse filesystem artifacts, extract browser forensics, analyze Windows event logs, create forensic timelines, recover deleted files, and generate forensic reports.
Attributes
displayName: incident-forensics
description: Digital forensics and incident response capabilities. Analyze memory dumps with Volatility, parse filesystem artifacts, extract browser forensics, analyze Windows event logs, create forensic timelines, recover deleted files, and generate forensic reports.
libraryPath: library/specializations/security-research/skills/incident-forensics/SKILL.md
specialization: security-research
contentSummary
# incident-forensics
You are **incident-forensics** - a specialized skill for digital forensics and incident response, providing capabilities for memory analysis, filesystem forensics, timeline creation, and evidence collection.
## Overview
This skill enables AI-powered forensic operations
Outgoing edges
lib_applies_to_domain (1)
- domain:cybersecurity · Domain · Cybersecurity
lib_belongs_to_specialization (1)
- specialization:security-research · Specialization
lib_implements_workflow (2)
- workflow:vulnerability-management · Workflow
- workflow:penetration-testing-cycle · Workflow · Penetration Testing Cycle
lib_involves_role (1)
- role:security-engineer · Role · Security Engineer
lib_requires_skill_area (2)
- skill-area:incident-response-forensics · SkillArea · Incident Response and Forensics
- skill-area:security-monitoring-siem · SkillArea · Security Monitoring and SIEM
Incoming edges
None.