detect-dfir-collection-type
CommunityClassify evidence files and folders to streamline forensic workflows.
Authormgreen27
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Identifies the type of digital forensic evidence present on disk or inside directories, enabling precise categorization for analysis.
Core Features & Use Cases
- Collection Classification: Detects whether a path contains a disk image, memory image, process dump, live-response data, or unknown artefacts.
- Workflow Integration: Facilitates automatic sorting of evidence into appropriate forensic tools and procedures.
- Use Case: When an investigator receives multiple evidence files, use this Skill to classify each item quickly, allowing focused analysis on memory dumps or disk images.
Quick Start
Use the detect-dfir-collection-type skill to analyze the folder /investigation/evidence and receive classification results instantly.
Dependency Matrix
Required Modules
None requiredComponents
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: detect-dfir-collection-type Download link: https://github.com/mgreen27/dfir-skills/archive/main.zip#detect-dfir-collection-type Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.