Alternatives and similar repositories for Mac-Triage:

Users that are interested in Mac-Triage are comparing it to the libraries listed below

• WesSec / VelociDeploy-o-Matic
  Scripts to for ready-to-use Velociraptor instance deployment in Azure
  ☆13Updated last year
• strozfriedberg / qelp
  Quick ESXi Log Parser
  ☆17Updated 2 months ago
• stuxnet999 / volatility-binaries
  Contains compiled binaries of Volatility
  ☆33Updated 2 months ago
• ACE-Responder / rpcfirewall-extended-telemetry
  ☆14Updated 10 months ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated last year
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• sandmaxprime / VagrantMalwareWin10VM
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Updated 3 years ago
• MalwareTech / FollinaExtractor
  Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files
  ☆31Updated 2 years ago
• NextronSystems / velociraptor-artifacts-thor
  Thor Artifacts for Velociraptor
  ☆15Updated 9 months ago
• CD-R0M / YARA
  Hundred Days of Yara Challenge
  ☆12Updated 2 years ago
• AmirHoseinTangsiriNET / EventLogSilencer
  EventLogSilencer is a PowerShell script designed for disable Windows Event Logging
  ☆16Updated last year
• forensicxlab / volatility3_plugins
  ☆22Updated 8 months ago
• NexusFuzzy / raccoon_config
  Scans a list of raccoon servers from Tria.ge and extracts the config
  ☆15Updated last year
• Beercow / DFIR_Toolbar
  ☆19Updated 2 months ago
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆27Updated last year
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated 3 months ago
• naacbin / CovenantDecryptor
  ☆20Updated last year
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆32Updated 4 months ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆24Updated 8 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆75Updated last year
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆39Updated 2 years ago
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆19Updated last week
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated last year
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆37Updated 3 years ago
• Velocidex / SQLiteHunter
  Hunt for SQLite files used by various applications
  ☆23Updated last week
• NorthwaveSecurity / lilo-pulse-secure-decrypt
  LILO based Pulse Secure appliance disk image decryptor
  ☆12Updated last year
• plonxyz / 4n6pi
  ☆17Updated 7 months ago
• jstrosch / FLARE-VM-configs
  These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…
  ☆14Updated 11 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆14Updated 3 months ago