bolodev / osxripper

Related projects: ⓘ

• bradleyjkemp / sigma-esf
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆20Updated 3 years ago
• WithSecureLabs / macOSTriageCollectionScript
  A triage data collection script for macOS
  ☆25Updated 3 years ago
• ydkhatri / spotlight_queries
  Queries for parsed spotlight database in sqlite
  ☆11Updated 3 years ago
• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆26Updated last year
• mac4n6 / FSEventsParser
  Parser fo macOS/iOS FSEvents Logs
  ☆21Updated 4 months ago
• zmbf0r3ns1cs / mac_int
  macOS Artifact Intelligence Tool
  ☆13Updated 5 years ago
• mdegrazia / Google-Analytic-Cookie-Cruncher
  Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values
  ☆23Updated 8 years ago
• Silv3rHorn / autoripy
  Attempt to replicate the functions of auto_rip by Corey Harrell in Python.
  ☆13Updated last month
• ahhh / macOS_profiles
  a collection of profiles for macOS designed for penetration testing or red teaming
  ☆28Updated 5 years ago
• nrvana / macOS-triage
  macOS triage is a python script to collect various macOS logs, artifacts, and other data.
  ☆25Updated 3 years ago
• net-protect / google-fs-recover
  Google Filestream Forensic Tool
  ☆16Updated 2 years ago
• cclgroupltd / chrome-profile-view
  Python web app for previewing data in a Chrome Profile Folder
  ☆15Updated 2 months ago
• daguy666 / Transit
  MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
  ☆20Updated 4 years ago
• Recruit-CSIRT / macApfsMounter
  A small tool to easily mount APFS image on macOS for forensics.
  ☆14Updated 4 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆21Updated 3 weeks ago
• mandiant / ARDvark
  ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.
  ☆34Updated last year
• forensicmatt / RustyReg
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Updated 2 years ago
• mgreen27 / EventLogs
  ☆18Updated this week
• mdegrazia / Chrome-Parse
  Parse Chrome History and Downloads into TSV or TLN format
  ☆15Updated 8 years ago
• forensicmatt / PancakeViewer
  A DFVFS Backed Forensic Viewer
  ☆38Updated 4 years ago
• richiercyrus / Venator-Swift
  Swift Command line tool used for proactive detection of malicious activity on macOS systems.
  ☆68Updated 4 years ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆19Updated 3 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• woanware / lookuper
  Looks stuff up (MD5, SHA256, IP, Domains, URL's, strings e.g. mutexes)...
  ☆36Updated 7 years ago
• mischif / PORTALofPi
  ☆11Updated this week
• ninoseki / iocingestor
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆32Updated 7 months ago
• tedsmith / NSRL-Stripper
  A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database
  ☆14Updated 2 years ago
• 00010111 / gMetaDataParse
  ☆19Updated last year
• bgrundy / cheatsheets-forensic
  Forensic cheatsheets for use with cheat
  ☆15Updated 2 years ago
• woanware / volatility-runner
  volatility-runner is a command line application designed to speed up memory forensics using the volatility framework, primarily for insta…
  ☆11Updated 5 years ago