cclgroupltd / ccl-aslLinks
Python Module for parsing Apple ASL Logs
☆15Updated 9 years ago
Alternatives and similar repositories for ccl-asl
Users that are interested in ccl-asl are comparing it to the libraries listed below
Sorting:
- Golang command line tool for the macOS Endpoint Security Framework☆29Updated 5 years ago
- macOS XProtect definition files☆40Updated 3 years ago
- A minimal malware analysis sandbox for macOS☆29Updated 2 years ago
- This is a malware analyzer for Mac OS X that extends the Cuckoo Sandbox project (https://cuckoosandbox.org/)☆23Updated 8 years ago
- Automatically exported from code.google.com/p/mac-osx-forensics☆28Updated 9 years ago
- A small utility to read and write to Macs physical memory using default AppleHWAccess.kext.☆25Updated 9 years ago
- Tools for macOS Forensic Bootable media☆15Updated 5 years ago
- XProtect configuration files stats☆20Updated 7 years ago
- Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.☆104Updated 7 years ago
- Volatility plugin to extract FileVault 2 VMK's☆50Updated 3 years ago
- Resources for HFS+ Forensics☆37Updated 9 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆27Updated 9 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- A module to expose the Endpoint Security library to Swift☆20Updated 5 years ago
- machofile is a module to parse Mach-O binary files☆51Updated last year
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆39Updated 3 years ago
- Scripts from my book OS X Incident Response Scripting and Analysis -> https://www.amazon.com/dp/012804456X/ref=cm_sw_r_tw_dp_U_x_fQeLAb68…☆49Updated 8 years ago
- ☆31Updated 11 months ago
- Binaries for the log2timeline projects and dependencies☆39Updated 8 months ago
- Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values☆23Updated 8 years ago
- OSX Events Monitor☆22Updated 6 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Updated 8 years ago
- SQBrite is a data recovery tool for SQLite databases☆43Updated 3 years ago
- tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net☆33Updated last year
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆35Updated 2 years ago
- ☆66Updated 2 years ago
- Slides and material from my conference presentations☆16Updated last year
- The grey fox☆25Updated 8 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- Integrity validator for iOS devices☆102Updated 6 years ago