Recruit-CSIRT / macOSTriageToolLinks
A DFIR tool to collect artifacts on macOS
☆55Updated 5 years ago
Alternatives and similar repositories for macOSTriageTool
Users that are interested in macOSTriageTool are comparing it to the libraries listed below
Sorting:
- R-CSIRT Linux Triage tool☆39Updated 7 years ago
- A DFIR tool to analyze artifacts on macOS☆33Updated 4 years ago
- macOS Artifact Intelligence Tool☆13Updated 6 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆27Updated 4 years ago
- Carves and recreates VSS catalog and store from Windows disk image.☆99Updated 2 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆16Updated last year
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- Different DFIR and CTI utilities☆37Updated 5 years ago
- ☆25Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- A rewrite of mactime, a bodyfile reader☆40Updated last year
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆109Updated 7 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Updated 9 years ago
- Windows Thingies in Python for live use.☆24Updated 6 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 7 years ago
- Converting data from services like Censys and Shodan to a common data model☆50Updated 2 months ago
- Collection of scripts used to analyse malware or emails☆20Updated 4 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Updated 5 years ago
- NTFS file system specimens☆13Updated 2 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆21Updated 6 years ago
- A DFVFS Backed Forensic Viewer☆40Updated 5 years ago
- Script that checks for available updates for the most commonly used Digital Forensics tools☆59Updated 4 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆94Updated last year
- Yara rules for detecting malware☆24Updated 11 months ago
- 1-Click push forensics evidence to the cloud☆141Updated last year
- Community modules for FAME☆65Updated 2 weeks ago
- CDIR Analyzer - parsers for data collected by CDIR Collector☆18Updated 2 years ago
- pollen - A command-line tool for interacting with TheHive☆35Updated 6 years ago