a1l4m / Mac-Triage
A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆20 · Updated 3 months ago
Alternatives and similar repositories for Mac-Triage
Users interested in Mac-Triage are comparing it to the repositories listed below.
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Updated last year
- Quick ESXi Log Parser ☆21 · Updated 5 months ago
- Contains compiled binaries of Volatility ☆33 · Updated last month
- ESXi Cyber Security Incident Response Script ☆23 · Updated 9 months ago
- Tools and scripts to deploy and manage OpenRelik instances ☆14 · Updated last week
- ☆21 · Updated 3 months ago
- Placeholder for my detection repo and misc detection engineering content ☆42 · Updated last year
- ☆23 · Updated 4 months ago
- A tool for fetching DFIR and other GitHub tools. ☆24 · Updated last month
- Just Another broken Registry Parser (JARP) ☆16 · Updated last year
- A YARA & Malware Analysis Toolkit written in Rust. ☆35 · Updated this week
- This is a repo for fetching AppLocker event logs by parsing the Windows event log ☆31 · Updated 2 years ago
- ☆14 · Updated last year
- A proof-of-concept re-assembler for reverse VNC traffic. ☆25 · Updated 2 years ago
- A repository containing the research output from my GCFE Gold Paper, which compared Windows 10 and Windows 11. ☆27 · Updated 2 years ago
- Baseline a Windows System against LOLBAS ☆27 · Updated last year
- An experimental Velociraptor implementation using cloud infrastructure ☆25 · Updated last week
- ☆22 · Updated 2 years ago
- ☆17 · Updated 10 months ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Updated 4 months ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. ☆27 · Updated 2 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more ☆12 · Updated 3 weeks ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests. ☆52 · Updated last year
- Detection rule validation ☆41 · Updated last year
- VTC - Velociraptor Timeline Creator ☆18 · Updated last year
- ☆14 · Updated 2 years ago
- Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios. ☆18 · Updated last year
- Rewrite of AChoir in Go for cross-platform use ☆41 · Updated 4 months ago
- Hundred Days of YARA Challenge ☆12 · Updated 3 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆34 · Updated last month