macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR
☆37Mar 16, 2026Updated this week
Alternatives and similar repositories for macos-collector
Users that are interested in macos-collector are comparing it to the libraries listed below
Sorting:
- Extract files from ADB devices on Windows, Linux and MacOS. Mostly a wrapper for adbutils.☆37Mar 10, 2026Updated last week
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Parser for Sdba memory pool tags�☆21Jul 16, 2021Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- SANS Holiday Hack Challenge write-up template☆28Nov 20, 2023Updated 2 years ago
- DC3 SQLite Dissect☆72Nov 4, 2024Updated last year
- Napkin is a simple tool to produce statistical analysis of a text☆12Feb 25, 2024Updated 2 years ago
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆28Mar 12, 2026Updated last week
- NSKeyedArchive plist deserializer☆28Sep 13, 2024Updated last year
- A utility to process the iOS Cache.sqlite database and create a timelined KML map for use in Google Earth☆30Dec 3, 2024Updated last year
- Notes for the PJPT exam!☆14Aug 8, 2024Updated last year
- ☆11Oct 11, 2020Updated 5 years ago
- Easy way to create a MISP event related to a Phishing page☆17May 31, 2023Updated 2 years ago
- RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv…☆35Nov 15, 2025Updated 4 months ago
- Repository to track community hardware, data and funding.☆12Apr 8, 2022Updated 3 years ago
- Digital forensics for Google Drive—done right. Identify, preserve, and document cloud evidence with hash verification, timeline reconstru…☆26Dec 8, 2025Updated 3 months ago
- Windows Forensics Environment Builder☆180Dec 5, 2025Updated 3 months ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…☆14Oct 2, 2019Updated 6 years ago
- This tool is meant to parse an NTFS $MFT file.☆15Mar 26, 2024Updated last year
- Search Index Database Reporter☆131Oct 28, 2025Updated 4 months ago
- This is a place for all things OSINT & Bookmarklets!☆17Jul 21, 2021Updated 4 years ago
- USN Journal full path builder☆67Sep 16, 2024Updated last year
- C# implementation of Out-Minidump.ps1☆10Jul 13, 2018Updated 7 years ago
- PowerShell cmdlet to push PowerShell attack modules to a remote system via PSRemoting and if required enable WinRM remotely.☆28Sep 13, 2016Updated 9 years ago
- Orchestrate gatherer, scanner, saver, and trustymail_reporter☆19Mar 11, 2026Updated last week
- macOS forensic acquisition made simple☆226Mar 6, 2026Updated 2 weeks ago
- ☆26Dec 21, 2025Updated 2 months ago
- ☆10Jul 3, 2021Updated 4 years ago
- Python script that generates a HTML triage report of iOS notifications content.☆17Sep 19, 2019Updated 6 years ago
- A set of hashcat hcmask files, prioritized by cracking efficiency... and the hcmask_Generator_9000.xlsx tool.☆25Dec 17, 2023Updated 2 years ago
- Forensic Analysis Tool for Btrfs File System.☆20Aug 6, 2018Updated 7 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- A map displaying threat actors from the misp-galaxy☆33Jan 16, 2023Updated 3 years ago
- This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis.☆11Jan 3, 2025Updated last year
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- The FASTEST way to parse Email☆18Dec 24, 2021Updated 4 years ago