Windows Forensics MCP Server

@x746b

23 days ago

Windows DFIR from Linux - A comprehensive forensics toolkit designed entirely for Linux environments with zero Windows tool dependencies. Parse Windows artifacts natively using pure Python libraries

Overview Tools Comments

Tools

Try in Playground

Server Config

{
  "mcpServers": {
    "winforensics-mcp": {
      "command": "uv",
      "args": [
        "run",
        "--directory",
        "/path/to/winforensics-mcp",
        "python",
        "-m",
        "winforensics_mcp.server"
      ]
    }
  }
}

Build with ShipAny.

Explore
Playground
Blog
Cases
DXT
Partners

Privacy
Terms