# AIWG Forensics Complete

Digital forensics and incident response framework with 14 specialized agents.

## Features

- **Triage & Acquisition**: RFC 3227 volatility-order capture, chain of custody, hash verification
- **Multi-Domain Analysis**: Logs, memory (Volatility 3), containers (Docker/K8s), cloud (AWS/Azure/GCP)
- **Threat Hunting**: Sigma rule application, IOC extraction in STIX 2.1 format
- **Reporting**: Executive summaries, technical findings, MITRE ATT&CK mapping, remediation plans

## Quick Start

```bash
# Full investigation workflow
/forensics-investigate

# Quick triage
/forensics-triage

# Build target profile
/forensics-profile

# Generate forensic report
/forensics-report
```

## Documentation

- Full guide: https://docs.aiwg.io/forensics
- Discord: https://discord.gg/BuAusFMxdA