a1l4m / Mac-Triage
A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆17 · Updated 3 months ago
Alternatives and similar repositories for Mac-Triage
Users that are interested in Mac-Triage are comparing it to the libraries listed below
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Updated last year
- Quick ESXi Log Parser ☆20 · Updated 4 months ago
- Contains compiled binaries of Volatility ☆33 · Updated 2 weeks ago
- Tools and scripts to deploy and manage OpenRelik instances ☆13 · Updated 3 months ago
- (no description) ☆14 · Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆33 · Updated last month
- ESXi Cyber Security Incident Response Script ☆22 · Updated 8 months ago
- Placeholder for my detection repo and misc detection engineering content ☆43 · Updated last year
- This is a repo for fetching AppLocker event logs by parsing the Windows event log ☆31 · Updated 2 years ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. ☆27 · Updated 2 years ago
- (no description) ☆21 · Updated 2 months ago
- (no description) ☆11 · Updated last year
- (no description) ☆21 · Updated 2 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more ☆11 · Updated last week
- Hundred Days of Yara Challenge ☆12 · Updated 2 years ago
- Detection rule validation ☆41 · Updated last year
- Baseline a Windows System against LOLBAS ☆27 · Updated last year
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 ☆20 · Updated 7 months ago
- Bloodhound Portable for Windows ☆51 · Updated 2 years ago
- (no description) ☆14 · Updated 2 years ago
- Living off the False Positive! ☆37 · Updated 4 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆52 · Updated 5 months ago
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. ☆24 · Updated 2 months ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆27 · Updated 10 months ago
- A proof-of-concept re-assembler for reverse VNC traffic. ☆25 · Updated 2 years ago
- A YARA & Malware Analysis Toolkit written in Rust. ☆31 · Updated this week
- (no description) ☆22 · Updated 7 months ago
- ShellSweeping the evil. ☆52 · Updated 11 months ago
- Thor Artifacts for Velociraptor ☆16 · Updated 11 months ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. ☆27 · Updated 2 years ago