forensic-analyst
Community
Forensic investigations with LimaCharlie workflows.
System Documentation
What problem does it solve?
Digital forensics investigations using LimaCharlie can be complex and time-consuming, and they require coordinated data collection, timeline reconstruction, and defensible reporting. This skill provides a structured methodology and actionable workflows to guide analysts through evidence preservation, artifact analysis, and narrative development with auditable traceability.
Core Features & Use Cases
- Guided, end-to-end 6-phase forensic workflow aligned with LimaCharlie capabilities (preservation, collection, examination, analysis, recording, reporting)
- Comprehensive artifact coverage (memory, registry, logs, network, files) and timeline construction
- Ready-to-use patterns for incident response, post-incident analysis, and proactive forensics in Windows and Linux environments
- Real-world example: reconstruct an attack timeline from memory to final report using LCQL queries and artifact collection
Quick Start
Run a focused incident with memory and artifact collection using LimaCharlie LCQL queries to reconstruct the timeline and generate an evidence-backed report.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: forensic-analyst
Download link: https://github.com/tekgrunt/boot-test/archive/main.zip#forensic-analyst
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.