macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR
☆29 · Jan 29, 2026 · Updated 3 weeks ago
Alternatives and similar repositories for macos-collector
Users that are interested in macos-collector are comparing it to the libraries listed below
- Yet another fseventsd parser for macOS forensics ☆12 · Jul 20, 2024 · Updated last year
- Extract files from ADB devices on Windows, Linux and macOS. Mostly a wrapper for adbutils. ☆36 · Updated this week
- Tools for macOS Forensic Bootable media ☆15 · May 20, 2020 · Updated 5 years ago
- Just Another broken Registry Parser (JARP) ☆16 · May 23, 2024 · Updated last year
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · Updated 4 years ago
- DC3 SQLite Dissect ☆72 · Nov 4, 2024 · Updated last year
- Forensic Analysis Tool for Btrfs File System. ☆20 · Aug 6, 2018 · Updated 7 years ago
- SANS Holiday Hack Challenge write-up template ☆28 · Nov 20, 2023 · Updated 2 years ago
- An efficient tool for searching files, directories, and alternate data streams directly from NTFS image files. ☆28 · Updated this week
- USN Journal full path builder ☆65 · Sep 16, 2024 · Updated last year
- A utility to process the iOS Cache.sqlite database and create a timelined KML map for use in Google Earth ☆30 · Dec 3, 2024 · Updated last year
- Search Index Database Reporter ☆131 · Oct 28, 2025 · Updated 3 months ago
- NSKeyedArchive plist deserializer ☆29 · Sep 13, 2024 · Updated last year
- This free tool parses Google Takeout Location History Exports or Google Semantic Location History Warrant Return Data in a forensic manne… ☆40 · Sep 26, 2025 · Updated 5 months ago
- Notes for the PJPT exam! ☆14 · Aug 8, 2024 · Updated last year
- A timestamp and date decoder written for python 3 ☆41 · Jan 22, 2026 · Updated last month
- ☆11 · Oct 11, 2020 · Updated 5 years ago
- Tool to check the CloudTrail configuration and the services where trails are sent, to detect potential attacks to CloudTrail logging. ☆13 · May 25, 2024 · Updated last year
- A simple tool designed to create Atomic Red Team tests with ease. ☆49 · Mar 11, 2025 · Updated 11 months ago
- Parses USB connection artifacts from offline Registry hives ☆107 · Feb 8, 2026 · Updated 2 weeks ago
- Linux Evidence Acquisition Framework ☆119 · Sep 30, 2024 · Updated last year
- Queries for parsed spotlight database in sqlite ☆13 · Dec 29, 2020 · Updated 5 years ago
- C# implementation of Out-Minidump.ps1 ☆10 · Jul 13, 2018 · Updated 7 years ago
- ☆10 · Jul 3, 2021 · Updated 4 years ago
- This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis. ☆11 · Jan 3, 2025 · Updated last year
- A python script to automatically generate shellcode payload from assembly files. ☆13 · Nov 13, 2022 · Updated 3 years ago
- ☆13 · Aug 28, 2014 · Updated 11 years ago
- RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv… ☆35 · Nov 15, 2025 · Updated 3 months ago
- ☆14 · Jul 26, 2025 · Updated 7 months ago
- Some python scripts I wrote that help with various specialized AWS security things ☆10 · Jan 15, 2020 · Updated 6 years ago
- Netwitness Maltego integration Project ☆18 · May 9, 2017 · Updated 8 years ago
- ☆11 · Mar 9, 2018 · Updated 7 years ago
- Solving CAPTCHA with Image Classification ☆10 · Mar 13, 2025 · Updated 11 months ago
- A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible") ☆11 · Apr 16, 2020 · Updated 5 years ago
- Python library and CLI for listing and downloading Apple's updates for macOS (Security updates, CommandLineTools, OS Upgrades, etc.) ☆20 · Oct 19, 2025 · Updated 4 months ago
- Make a Linux Kernel rootkit visible again. ☆59 · Feb 27, 2025 · Updated last year
- Slides and material from my conference presentations ☆16 · Mar 30, 2024 · Updated last year
- android-sms2csv.py extract SMS messages from Android backup files ☆13 · Jun 19, 2020 · Updated 5 years ago
- Koth - a repository with cheat-sheet Koth in THM (Try Hack Me) ☆12 · Aug 7, 2023 · Updated 2 years ago