Evidence-safe autonomous DFIR agent and MCP server for Protocol SIFT Find Evil hackathon.
-
Updated
May 1, 2026 - Python
#
protocol-sift
Here are 6 public repositories matching this topic...
Bounded autonomous DFIR triage for SIFT and Protocol SIFT.
python mcp incident-response dfir digital-forensics autonomous-agents sift-workstation model-context-protocol openclaw protocol-sift
-
Updated
Jun 16, 2026 - Python
Self-correcting AI agent for DFIR — FIND EVIL! Hackathon 2026
-
Updated
Jun 3, 2026 - Shell
Read-only Neo4j graph-correlation layer extending Protocol SIFT for AI-driven DFIR — cross-host, cross-time evidence correlation exposed to a Claude Code agent via architecturally read-only MCP tools. SANS FIND EVIL! 2026 submission.
-
Updated
Jun 15, 2026 - Python
Graph-Linked Adversarial Investigation & Verification Engine autonomous DFIR with architectural hallucination resistance.
-
Updated
May 29, 2026 - Python
VERDICT: an autonomous, read-only, self-correcting incident response analyst for the SANS SIFT Workstation. Custom MCP Server (pattern 2) + Claude Code. Find Evil hackathon.
-
Updated
Jun 15, 2026 - Python
Improve this page
Add a description, image, and links to the protocol-sift topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the protocol-sift topic, visit your repo's landing page and select "manage topics."