a1l4m / Mac-Triage
A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆24, updated 5 months ago
Alternatives and similar repositories for Mac-Triage
Users that are interested in Mac-Triage are comparing it to the libraries listed below
- Contains compiled binaries of Volatility ☆34, updated 3 months ago
- Quick ESXi Log Parser ☆24, updated this week
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69, updated last year
- A tool for fetching DFIR and other GitHub tools. ☆24, updated 3 weeks ago
- Tools and scripts to deploy and manage OpenRelik instances ☆14, updated 2 months ago
- ESXi Cyber Security Incident Response Script ☆25, updated 11 months ago
- ☆22, updated 2 years ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14, updated 2 years ago
- Detection rule validation ☆41, updated last year
- A YARA & Malware Analysis Toolkit written in Rust. ☆48, updated 3 weeks ago
- ☆24, updated 6 months ago
- Thor Artifacts for Velociraptor ☆17, updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. ☆27, updated 3 years ago
- Linux Baseline and Forensic Triage Tool - BETA ☆57, updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆33, updated last month
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys. ☆44, updated 6 months ago
- macOS Artifacts ☆31, updated 5 months ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆27, updated 7 months ago
- ☆21, updated 5 months ago
- Placeholder for my detection repo and misc detection engineering content ☆42, updated last year
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems. ☆15, updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆53, updated 8 months ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt ☆94, updated last year
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… ☆69, updated 2 months ago
- Penguin OS Forensic (or Flight) Recorder ☆40, updated 8 months ago
- my MSTICpy practice and custom tools repository ☆11, updated 4 months ago
- Python script to walk a folder or a zip file for SQLite Databases ☆38, updated last year
- ReWrite of AChoir in Go for Cross Platform ☆40, updated last month
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS. ☆39, updated last year
- Automatic, fast parsing of browser artifacts ☆17, updated 7 months ago