A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆44 · Oct 24, 2025 · Updated 7 months ago
Alternatives and similar repositories for Mac-Triage
Users that are interested in Mac-Triage are comparing it to the libraries listed below.
- Automatic, fast parsing of browser artifacts ☆17 · Jan 4, 2025 · Updated last year
- macOS Artifacts ☆33 · Mar 2, 2025 · Updated last year
- Contains compiled binaries of Volatility ☆36 · May 18, 2025 · Updated last year
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆12 · May 6, 2026 · Updated last month
- Quick script to build host or investigation timelines using Carbon Black Response ☆12 · Sep 25, 2018 · Updated 7 years ago
- Forensics artifacts collection ☆21 · Jun 18, 2021 · Updated 4 years ago
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with AI Artifacts, AI Secret … ☆289 · Jun 6, 2026 · Updated last week
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 · Jun 21, 2024 · Updated last year
- Just Another broken Registry Parser (JARP) ☆16 · May 23, 2024 · Updated 2 years ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Parser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery … ☆21 · Jul 18, 2023 · Updated 2 years ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆31 · Feb 22, 2025 · Updated last year
- /ˈhäjˌpäj/ "a confused mixture." ☆15 · Jun 1, 2026 · Updated 2 weeks ago
- Hunt for SQLite files used by various applications ☆31 · Mar 1, 2026 · Updated 3 months ago
- Quick ESXi Log Parser ☆33 · Oct 20, 2025 · Updated 7 months ago
- Windows Forensics Salt States ☆22 · Updated this week
- A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches ☆17 · Nov 29, 2024 · Updated last year
- Automation tool designed to simplify the analysis of PCAP (Packet Capture) files ☆18 · Mar 31, 2026 · Updated 2 months ago
- Zeromutarts Capture the Flag 2013 challenge writeups ☆22 · Dec 9, 2013 · Updated 12 years ago
- The API for CVEs and USNs data. ☆21 · Updated this week
- macOS triage is a python script to collect various macOS logs, artifacts, and other data. ☆26 · Mar 25, 2021 · Updated 5 years ago
- The repository contains three lists. You only need to use one. Global proxy list or proxy list from RU, BU, KZ or proxy list by RU region ☆10 · Mar 27, 2026 · Updated 2 months ago
- Google Filestream Forensic Tool ☆22 · Mar 10, 2022 · Updated 4 years ago
- Klara docker compose ☆11 · May 19, 2020 · Updated 6 years ago
- ☆25 · Jul 23, 2024 · Updated last year
- Basic network sec tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c… ☆17 · Jun 11, 2024 · Updated 2 years ago
- Injecting DLL into LSASS at boot ☆157 · Apr 29, 2025 · Updated last year
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's ☆65 · Dec 18, 2024 · Updated last year
- ☆23 · Mar 12, 2025 · Updated last year
- iOS Carrier Bundles - Collected using a GitHub Workflow ☆29 · Jun 3, 2026 · Updated last week
- A tool for fetching DFIR and other GitHub tools. ☆29 · Aug 2, 2025 · Updated 10 months ago
- macOS .DS_Store Parser ☆81 · Aug 17, 2021 · Updated 4 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… ☆58 · Jul 2, 2023 · Updated 2 years ago
- ☆28 · Oct 15, 2025 · Updated 8 months ago
- AWS X-Ray for Covert Command & Control ☆48 · Oct 13, 2025 · Updated 8 months ago
- Portable Windows forensic tool for reviewing Firefox-like and Chromium-based browser artifacts, with labeling, search, CLI processing, an… ☆57 · May 10, 2026 · Updated last month
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis. ☆35 · Nov 16, 2023 · Updated 2 years ago
- Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes… ☆20 · Feb 13, 2026 · Updated 4 months ago