A DFIR tool to collect artifacts on macOS
☆57Mar 1, 2020Updated 6 years ago
Alternatives and similar repositories for macOSTriageTool
Users that are interested in macOSTriageTool are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 7 years ago
- A DFIR tool to analyze artifacts on macOS☆35Jan 18, 2021Updated 5 years ago
- Windows 10 Live Information viewer☆39Jan 27, 2022Updated 4 years ago
- CDIR Analyzer - parsers for data collected by CDIR Collector☆21Dec 11, 2025Updated 4 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Forensic Artifact Collection Tool for macOS☆119Jul 28, 2025Updated 9 months ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆94Sep 7, 2023Updated 2 years ago
- R-CSIRT Linux Triage tool☆39Jun 28, 2018Updated 7 years ago
- CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library☆168Oct 25, 2024Updated last year
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆38Nov 8, 2021Updated 4 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆22Jan 22, 2021Updated 5 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆12Aug 4, 2024Updated last year
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.☆18Apr 30, 2025Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Sep 13, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 4 years ago
- $MFT directory tree reconstruction & FILE record info☆329Oct 7, 2024Updated last year
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆28Apr 14, 2026Updated 2 weeks ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆34Nov 16, 2023Updated 2 years ago
- Quick iOS Backup UnFunkerizor☆22May 25, 2021Updated 4 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆42Apr 18, 2026Updated 2 weeks ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Lepus-CTF frontend application☆11Nov 2, 2015Updated 10 years ago
- ☆24Mar 12, 2025Updated last year
- Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.☆29Sep 9, 2025Updated 7 months ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Jun 20, 2016Updated 9 years ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated last year
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆11Mar 2, 2021Updated 5 years ago
- An NTFS/FAT parser for digital forensics & incident response☆230Oct 31, 2025Updated 6 months ago
- A series of python scripts to extract information from SQLite Data Files☆21Nov 15, 2025Updated 5 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆231Jan 6, 2026Updated 3 months ago
- Apple Pattern of Life Lazy Output'er☆643Feb 25, 2024Updated 2 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- ☆24Nov 3, 2019Updated 6 years ago