a1l4m / Mac-Triage
A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆31 Oct 24, 2025 Updated 3 months ago
Alternatives and similar repositories for Mac-Triage
Users that are interested in Mac-Triage are comparing it to the libraries listed below
- Automatic, fast parsing of browser artifacts ☆17 Jan 4, 2025 Updated last year
- macOS Artifacts ☆33 Mar 2, 2025 Updated 11 months ago
- Contains compiled binaries of Volatility ☆36 May 18, 2025 Updated 8 months ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV… ☆10 Jul 15, 2023 Updated 2 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆11 Jun 19, 2025 Updated 7 months ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 Jun 27, 2023 Updated 2 years ago
- /ˈhäjˌpäj/ "a confused mixture." ☆13 Updated this week
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 Jun 21, 2024 Updated last year
- A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches ☆16 Nov 29, 2024 Updated last year
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆31 Feb 22, 2025 Updated 11 months ago
- Forensic cheatsheets for use with cheat ☆15 Dec 2, 2021 Updated 4 years ago
- Just Another broken Registry Parser (JARP) ☆16 May 23, 2024 Updated last year
- Zeromutarts Capture the Flag 2013 challenge writeups ☆22 Dec 9, 2013 Updated 12 years ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Parser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery … ☆18 Jul 18, 2023 Updated 2 years ago
- Automation tool designed to simplify the analysis of PCAP (Packet Capture) files ☆18 Mar 15, 2024 Updated last year
- Windows Forensics Salt States ☆20 Feb 7, 2026 Updated last week
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing ☆41 Feb 2, 2026 Updated last week
- Chiron Unpacker, developed by the Malwation MTR Team, is an Unpacker for Packers using the Assembly.Load function. ☆22 Oct 10, 2024 Updated last year
- Google Filestream Forensic Tool ☆22 Mar 10, 2022 Updated 3 years ago
- ☆28 Oct 15, 2025 Updated 4 months ago
- ☆25 Jul 23, 2024 Updated last year
- A tool for fetching DFIR and other GitHub tools. ☆25 Aug 2, 2025 Updated 6 months ago
- A hex viewer for the sleuths! ☆20 Nov 7, 2025 Updated 3 months ago
- Quick ESXi Log Parser ☆28 Oct 20, 2025 Updated 3 months ago
- Forensics artifacts collection ☆21 Jun 18, 2021 Updated 4 years ago
- Hunt for SQLite files used by various applications ☆28 Jan 31, 2026 Updated 2 weeks ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis. ☆33 Nov 16, 2023 Updated 2 years ago
- ☆24 Mar 12, 2025 Updated 11 months ago
- Sample evtx files to use for testing hayabusa detection rules ☆64 Nov 5, 2025 Updated 3 months ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… ☆55 Jul 2, 2023 Updated 2 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data. ☆25 Mar 25, 2021 Updated 4 years ago
- Defender Resource Hub ☆30 Jan 5, 2026 Updated last month
- E-Commerce Clothing Shop Website! This project is a dynamic and user-friendly online store created using WordPress, designed to offer a s… ☆10 Aug 10, 2024 Updated last year
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆27 Jan 2, 2023 Updated 3 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's ☆64 Dec 18, 2024 Updated last year
- USN Journal full path builder ☆65 Sep 16, 2024 Updated last year
- A YARA & Malware Analysis Toolkit written in Rust. ☆92 Feb 6, 2026 Updated last week
- A GeoIP lookup utility utilizing ipinfo.io services. ☆30 Dec 1, 2023 Updated 2 years ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆30 Jan 9, 2025 Updated last year