A triage data collection script for macOS
☆30Nov 27, 2020Updated 5 years ago
Alternatives and similar repositories for macOSTriageCollectionScript
Users that are interested in macOSTriageCollectionScript are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆22Jan 22, 2021Updated 5 years ago
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Tool to rip system and user data from OSX and macOS☆16Dec 6, 2022Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set and forget service that will send you a daily report …☆10Oct 12, 2020Updated 5 years ago
- This repository is a resource that allows us to distribute scripts across multiple MDM tenants with a single point of hosting.☆15May 21, 2025Updated 11 months ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆26Mar 25, 2021Updated 5 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- Grepify the GUI Regex Text Scanner for Code Reviewers☆23Apr 15, 2013Updated 13 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆42Apr 18, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- sudo-parser is a tool to audit complex sudoers files☆18Nov 2, 2022Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆89Mar 11, 2026Updated last month
- Repo for containing and managing office 365 scripts for my customers, techs and others. If you have any questions please feel free to hit…☆11Mar 27, 2022Updated 4 years ago
- AutoIt Analysis Library: Parser & Emulator For Malware Researchers☆21Apr 27, 2019Updated 7 years ago
- A suite of Volatility 3 plugins for memory forensics of Docker containers☆18Jan 10, 2024Updated 2 years ago
- A curated list of KAPE-related resources☆186May 1, 2025Updated 11 months ago
- THOR APT Scanner User Manual☆21Apr 22, 2026Updated last week
- A parsing tool for backgrounditems.btm☆53Aug 23, 2024Updated last year
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆88Aug 29, 2023Updated 2 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆12Aug 4, 2024Updated last year
- A parser for Unified logging tracev3 files☆98Jul 25, 2025Updated 9 months ago
- Configure Internal iOS Settings, like SpringBoard, Carrier Settings, Mobile Asset Settings.☆10Mar 6, 2019Updated 7 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Thawne is a Sentinel for your Program. A trojan that Reinfects systems. It installs itself on the system it's Executed on. After which Th…☆10Oct 13, 2020Updated 5 years ago
- ☆25Jul 23, 2024Updated last year
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.☆14Oct 21, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆33Oct 25, 2021Updated 4 years ago
- Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes☆17Aug 10, 2022Updated 3 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 4 months ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆133Jan 31, 2022Updated 4 years ago
- Windows Thingies... but in Rust☆23Nov 12, 2022Updated 3 years ago
- Windows Forensic Environment (WinFE) - based on WinPE☆42Mar 16, 2023Updated 3 years ago