Alternatives and similar repositories for MacResponse-Forensics

Users that are interested in MacResponse-Forensics are comparing it to the libraries listed below

• laincode / latig0sx
  OSX Security Compliance & Hardening
  ☆49Updated 9 years ago
• gdbinit / readphysmem
  A small utility to read and write to Macs physical memory using default AppleHWAccess.kext.
  ☆25Updated 9 years ago
• legbacore / t2e_integrity_check
  Integrity checking script for Apple Thunderbolt to Ethernet adapters, to check for attacks similar to Thunderstrike 2
  ☆26Updated 9 years ago
• AlfredoAbarca / OSXMon
  OSX Events Monitor
  ☆22Updated 6 years ago
• knightsc / XProtect
  macOS XProtect definition files
  ☆40Updated 3 years ago
• sud0man / pac4mac
  Automatically exported from code.google.com/p/pac4mac
  ☆40Updated 6 years ago
• mac4n6 / HFSPlus_Resources
  Resources for HFS+ Forensics
  ☆36Updated 9 years ago
• tribalchicken / volatility-filevault2
  Volatility plugin to extract FileVault 2 VMK's
  ☆50Updated 3 years ago
• rickmark / mojo_thor
  Research about malware that infects the EFI and SMC of Apple MacBooks.
  ☆57Updated last month
• gdbinit / av-monster
  PoC kext to disable OS X anti-virus software
  ☆15Updated 13 years ago
• 0xcpu / bonomen
  BONOMEN - Hunt for Malware Critical Process Impersonation
  ☆48Updated 4 years ago
• jndok / ropnroll
  An OSX exploitation helper library.
  ☆35Updated 9 years ago
• garrett-davidson / iOS-Backup-Forensics-Toolkit
  Decrypts local iOS backups and recreates file system, with a framework for automatically extracting useful information
  ☆42Updated 9 years ago
• gdbinit / diagnostic_service
  OS X rootkit loader version #1
  ☆18Updated 10 years ago
• ahhh / YARA
  a collection of yara rules for binary analysis
  ☆24Updated 7 years ago
• williballenthin / LfLe
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆27Updated 9 years ago
• snare / efitools
  Some tools for EFI hackery
  ☆41Updated 13 years ago
• fmartingr / iosfu
  iOS forensics utility
  ☆12Updated 7 years ago
• mandiant / ARDvark
  ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.
  ☆35Updated last year
• trailofbits / ios-integrity-validator
  Integrity validator for iOS devices
  ☆102Updated 6 years ago
• w8mej / IRKnowledge
  A curated list of tools for incident response
  ☆29Updated last year
• joswr1ght / nm2lp
  Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format
  ☆15Updated 5 years ago
• log2timeline / dfimagetools
  Collection of tools for processing storage media images
  ☆13Updated 4 months ago
• 403labs / recon-ng_modules
  Recon-ng modules that won't get accepted into the main distribution because of 3rd party dependencies.
  ☆18Updated 11 years ago
• vivami / grey_fox
  The grey fox
  ☆25Updated 8 years ago
• gdbinit / mpress_dumper
  MPRESS dumper for OS X
  ☆66Updated 10 years ago
• gdbinit / can_I_suid
  A TrustedBSD module to control execution of binaries with suid bit set
  ☆37Updated 10 years ago
• 1N3 / SuperMicro-Password-Scanner
  Supermicro IPMI/BMC Cleartext Password Scanner
  ☆39Updated 9 years ago
• 504ensicsLabs / find_times
  Discover potential timestamps within the Windows Registry
  ☆18Updated 11 years ago
• t00sh / elf-poison
  Proof Of Concept for inserting code in ELF binaries.
  ☆26Updated 11 years ago