cclgroupltd / ccl-asl
Python Module for parsing Apple ASL Logs
☆15Updated 9 years ago
Alternatives and similar repositories for ccl-asl:
Users that are interested in ccl-asl are comparing it to the libraries listed below
- macOS XProtect definition files☆40Updated 3 years ago
- OSX Events Monitor☆22Updated 6 years ago
- Automatically exported from code.google.com/p/mac-osx-forensics☆28Updated 9 years ago
- Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.☆104Updated 7 years ago
- Golang command line tool for the macOS Endpoint Security Framework☆29Updated 5 years ago
- A minimal malware analysis sandbox for macOS☆29Updated 2 years ago
- Resources for HFS+ Forensics☆36Updated 9 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆39Updated 3 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆35Updated last year
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆27Updated 4 years ago
- Volatility plugin to extract FileVault 2 VMK's☆50Updated 3 years ago
- Plugins for the Viper Framework☆14Updated 5 years ago
- This is a malware analyzer for Mac OS X that extends the Cuckoo Sandbox project (https://cuckoosandbox.org/)☆22Updated 8 years ago
- ☆33Updated 13 years ago
- A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…☆32Updated 4 years ago
- iOS Backup Examiner - A forensics tool for parsing an iOS backup's Info.plist file☆21Updated 8 years ago
- SQBrite is a data recovery tool for SQLite databases☆43Updated 3 years ago
- machofile is a module to parse Mach-O binary files☆51Updated last year
- A small utility to read and write to Macs physical memory using default AppleHWAccess.kext.☆25Updated 9 years ago
- Binaries for the log2timeline projects and dependencies☆39Updated 7 months ago
- The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.☆84Updated 6 years ago
- "Fuzzy matching" for SQLite databases☆29Updated 4 years ago
- Scripts to extract compound bplists in the iOS -> KnowledgeC.db -> structuredmetadata table.☆24Updated 5 years ago
- Queries for parsed spotlight database in sqlite☆12Updated 4 years ago
- Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values☆23Updated 8 years ago
- Set of utilities for getting information about Windows Events☆15Updated 6 years ago
- 010 template for apfs☆25Updated 4 years ago
- Yara syntax highlighting☆25Updated 3 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago