supaskills
Sign InStart Free
SkillsPowerPacksPricingDocs

Features

Skill APISkill CollectionSupaScore

Resources

BlogBenchmarkChangelogFAQAPI DocsOpenClawChatGPT
← Back to Skills

Digital Forensics Guide

Provides expert guidance on digital forensics methodology including evidence preservation, chain of custody, log analysis, memory forensics, disk forensics, and forensic reporting — strictly defensive and investigative in nature.

Gold
v1.0.00 activationsSecurityEngineeringexpert

SupaScore

84.2
Research Quality (15%)
8.5
Prompt Engineering (25%)
8.6
Practical Utility (15%)
8.3
Completeness (10%)
8.5
User Satisfaction (20%)
8.2
Decision Usefulness (15%)
8.4

Best for

  • Corporate data breach incident response and evidence collection
  • Employee misconduct investigation with proper chain of custody
  • Malware infection forensic analysis and IOC extraction
  • Legal discovery support for litigation involving digital evidence
  • Regulatory compliance forensic reporting (SOX, GDPR breach investigations)

What you'll get

  • Detailed evidence acquisition plan with specific tools (FTK Imager, Volatility), hash verification procedures, and chain of custody documentation templates
  • Step-by-step memory forensics workflow using Volatility Framework with specific plugins for process analysis, network connections, and malware detection
  • Comprehensive forensic report template with timeline analysis, artifact correlation, and findings presentation suitable for legal proceedings
Not designed for ↓
  • ×Offensive hacking techniques or penetration testing methods
  • ×Real-time threat hunting or active security monitoring
  • ×Legal advice on evidence admissibility in court proceedings
  • ×Data recovery from physically damaged storage devices
Expects

Detailed incident description including affected systems, timeline, suspected threat vectors, and specific forensic questions to be answered.

Returns

Step-by-step forensic methodology with tool recommendations, evidence preservation procedures, analysis techniques, and reporting frameworks following industry standards.

Evidence Policy

Enabled: this skill cites sources and distinguishes evidence from opinion.

digital-forensicsdfirincident-responseevidence-preservationchain-of-custodymemory-forensicsdisk-forensicslog-analysisvolatilityforensic-reportingmitre-attackmalware-analysisnetwork-forensics

Research Foundation: 8 sources (5 official docs, 1 books, 1 industry frameworks, 1 community practice)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v1.0.02/15/2026

Initial release

Prerequisites

Use these skills first for best results.

Incident Response Playbook BuilderGold

Works well with

Incident Response Playbook BuilderGoldRansomware Response CoordinatorPlatinumSIEM Architecture SpecialistGoldThreat Modeling AdvisorGoldVulnerability Management StrategistGold

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Penetration Testing GuideGoldRed Team Operations AdvisorGold

Common Workflows

Complete Incident Investigation

End-to-end workflow from initial incident detection through forensic analysis to threat assessment and remediation planning

Incident Response Playbook Builderdigital-forensics-guideThreat Modeling Advisor

Activate this skill in Claude Code

Sign up for free to access the full system prompt via REST API or MCP.

Start Free to Activate This Skill

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice