A DFIR tool to collect artifacts on macOS
☆57Mar 1, 2020Updated 6 years ago
Alternatives and similar repositories for macOSTriageTool
Users that are interested in macOSTriageTool are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A small tool to easily mount APFS image on macOS for forensics.☆17Jul 30, 2020Updated 5 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 7 years ago
- A DFIR tool to analyze artifacts on macOS☆35Jan 18, 2021Updated 5 years ago
- Windows 10 Live Information viewer☆40Jan 27, 2022Updated 4 years ago
- CDIR Analyzer - parsers for data collected by CDIR Collector☆21Jun 3, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Forensic Artifact Collection Tool for macOS☆119Jul 28, 2025Updated 10 months ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆94Sep 7, 2023Updated 2 years ago
- R-CSIRT Linux Triage tool☆39Jun 28, 2018Updated 7 years ago
- CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library☆171Oct 25, 2024Updated last year
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆37Nov 8, 2021Updated 4 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆22Jan 22, 2021Updated 5 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆12Aug 4, 2024Updated last year
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.☆18Apr 30, 2025Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Sep 13, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- $MFT directory tree reconstruction & FILE record info☆330Oct 7, 2024Updated last year
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- A command-line tool for searching files, directories, and alternate data streams directly from NTFS image files.☆29Jun 1, 2026Updated last week
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆35Nov 16, 2023Updated 2 years ago
- Quick iOS Backup UnFunkerizor☆22May 25, 2021Updated 5 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆42May 18, 2026Updated 3 weeks ago
- ☆31Feb 12, 2026Updated 4 months ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 4 years ago
- Lepus-CTF frontend application☆11Nov 2, 2015Updated 10 years ago
- ☆23Mar 12, 2025Updated last year
- Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.☆30Sep 9, 2025Updated 9 months ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Jun 20, 2016Updated 9 years ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated last year
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆11Aug 3, 2018Updated 7 years ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆11Mar 2, 2021Updated 5 years ago
- An NTFS/FAT parser for digital forensics & incident response☆233Oct 31, 2025Updated 7 months ago
- A series of python scripts to extract information from SQLite Data Files☆22Nov 15, 2025Updated 6 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆232Jan 6, 2026Updated 5 months ago
- Apple Pattern of Life Lazy Output'er☆648Feb 25, 2024Updated 2 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆345Jun 25, 2022Updated 3 years ago