a1l4m / Mac-Triage
A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆14 · Updated last month
Alternatives and similar repositories for Mac-Triage:
Users interested in Mac-Triage are comparing it to the repositories listed below.
- ☆14 · Updated 11 months ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆13 · Updated last year
- A repo for fetching AppLocker event logs by parsing the Windows event log ☆30 · Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic. ☆25 · Updated last year
- Quick ESXi Log Parser ☆19 · Updated 3 months ago
- Create a cool process tree like https://twitter.com/ACEResponder. ☆35 · Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content ☆43 · Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config ☆15 · Updated last year
- EventLogSilencer is a PowerShell script designed to disable Windows Event Logging ☆16 · Updated last year
- ☆34 · Updated 2 years ago
- A simple tool designed to create Atomic Red Team tests with ease. ☆39 · Updated last month
- Contains compiled binaries of Volatility ☆33 · Updated 3 months ago
- A project created with the aim of emulating and testing exfiltration of data over different network protocols. ☆31 · Updated 2 years ago
- CIS Benchmark testing of Windows SIEM configuration ☆44 · Updated last year
- ☆14 · Updated 2 years ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot ☆21 · Updated 2 months ago
- Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios. ☆18 · Updated last year
- Scans files for potential threats by leveraging AMSI (Antimalware Scan Interface) and Windows Defender, isolating malicious content. ☆15 · Updated 3 months ago
- Repository for LNK stuff ☆30 · Updated 2 years ago
- Python tool to find vulnerable AD objects and generate a CSV report ☆26 · Updated 2 years ago
- A YARA & Malware Analysis Toolkit written in Rust. ☆21 · Updated last week
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆55 · Updated 2 years ago
- ☆17 · Updated 6 months ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW" ☆49 · Updated 3 years ago
- Browse Windows Prefetch versions: 17, 23, 26, 30v1/2, 31 & some SuperFetch .7db/.db files ☆61 · Updated 4 months ago
- ☆10 · Updated last year
- ☆33 · Updated 3 years ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team. ☆37 · Updated 3 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft ☆52 · Updated 11 months ago
- ☆18 · Updated last year