a1l4m / Mac-TriageLinks
A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight, Unified Logs, user data and many more, while preserving the original macOS file system structure. Ideal for incident response, digital forensics, and security investigations.
☆25, updated 7 months ago
Alternatives and similar repositories for Mac-Triage
Users that are interested in Mac-Triage are comparing it to the libraries listed below
- Quick ESXi Log Parser (☆26, updated last month)
- Contains compiled binaries of Volatility (☆35, updated 4 months ago)
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) (☆68, updated 2 years ago)
- ESXi Cyber Security Incident Response Script (☆25, updated last year)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆34, updated 3 months ago)
- A repository containing the research output from my GCFE Gold Paper, which compared Windows 10 and Windows 11 (☆27, updated 3 years ago)
- Thor Artifacts for Velociraptor (☆17, updated last year)
- PowerShell scripts for running the Magnet RESPONSE forensic collection tool in large enterprises (☆28, updated 8 months ago)
- Scripts for ready-to-use Velociraptor instance deployment in Azure (☆14, updated 2 years ago)
- Tools and scripts to deploy and manage OpenRelik instances (☆15, updated 3 months ago)
- A tool for fetching DFIR and other GitHub tools (☆24, updated 2 months ago)
- macOS Artifacts (☆31, updated 7 months ago)
- ReWrite of AChoir in Go for Cross Platform (☆41, updated last month)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆54, updated 10 months ago)
- Penguin OS Forensic (or Flight) Recorder (☆40, updated 9 months ago)
- A Windows Event Log MCP (☆37, updated last month)
- my MSTICpy practice and custom tools repository (☆11, updated 5 months ago)
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems (☆17, updated last year)
- Linux Baseline and Forensic Triage Tool - BETA (☆57, updated 3 years ago)
- A YARA & Malware Analysis Toolkit written in Rust (☆51, updated 2 months ago)
- Sigma detection rules for hunting with the threathunting-keywords project (☆56, updated 7 months ago)
- Initial triage of Windows Event logs (☆102, updated last year)
- A simple script to read the contents of a zip/tar/folder and extract metadata (☆20, updated 5 months ago)
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE (☆33, updated last year)
- Detection rule validation (☆41, updated last year)
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" (☆11, updated 8 months ago)