cclgroupltd / ccl-asl

Related projects: ⓘ

• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆26Updated last year
• knightsc / XProtect
  macOS XProtect definition files
  ☆38Updated 2 years ago
• sandialabs / mac-sandbox
  This is a malware analyzer for Mac OS X that extends the Cuckoo Sandbox project (https://cuckoosandbox.org/)
  ☆21Updated 8 years ago
• AlfredoAbarca / OSXMon
  OSX Events Monitor
  ☆21Updated 6 years ago
• jjarava / mac-osx-forensics
  Automatically exported from code.google.com/p/mac-osx-forensics
  ☆26Updated 8 years ago
• tribalchicken / volatility-filevault2
  Volatility plugin to extract FileVault 2 VMK's
  ☆49Updated 3 years ago
• slyd0g / SwiftParseTCC
  Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
  ☆37Updated 3 years ago
• mac4n6 / macMRU-Parser
  Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.
  ☆100Updated 6 years ago
• mandiant / ARDvark
  ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.
  ☆34Updated last year
• davehull / Mal-Seine
  Why hunt when you can seine?
  ☆21Updated 9 years ago
• prsecurity / macos_execute_from_memory
  ☆31Updated this week
• jantrim / iosbackupexaminer
  iOS Backup Examiner - A forensics tool for parsing an iOS backup's Info.plist file
  ☆22Updated 7 years ago
• mdegrazia / Google-Analytic-Cookie-Cruncher
  Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values
  ☆23Updated 8 years ago
• benb116 / Gone-Phishing-2
  New and Improved
  ☆16Updated 8 years ago
• xorrior / goesf
  Golang command line tool for the macOS Endpoint Security Framework
  ☆29Updated 4 years ago
• gdbinit / readphysmem
  A small utility to read and write to Macs physical memory using default AppleHWAccess.kext.
  ☆25Updated 9 years ago
• mac4n6 / HFSPlus_Resources
  Resources for HFS+ Forensics
  ☆35Updated 8 years ago
• melomac / XPlist
  XProtect configuration files stats
  ☆20Updated 6 years ago
• sud0man / pac4mac
  Automatically exported from code.google.com/p/pac4mac
  ☆39Updated 5 years ago
• pstirparo / machofile
  machofile is a module to parse Mach-O binary files
  ☆47Updated 7 months ago
• Yara-Rules / r2yara
  r2yara - Module for Yara using radare2 information
  ☆33Updated 11 months ago
• ainfosec / MacResponse-Forensics
  ☆33Updated 12 years ago
• tedhardyMSFT / EventLogUtilities
  Set of utilities for getting information about Windows Events
  ☆15Updated 6 years ago
• carlpulley / volatility
  A collection of Volatility Framework plugins.
  ☆26Updated 11 years ago
• SynAckJack / macOS-ir
  ☆17Updated this week
• cugu / ac
  ☆16Updated this week
• davidpany / rr_parseomater
  RegRipper wrapper for simplified bulk parsing or registry hives
  ☆10Updated 6 years ago
• BlackSquirrelz / nidaba
  Some thingy that copies macOS specific forensic artifacts to the location where the script is run from and also generates some folders. B…
  ☆14Updated 2 years ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 4 years ago