Scripts to parse various iOS sysdiagnose logs. Based upon the forensic research of Mattia Epifani, Heather Mahalik and Cheeky4n6monkey.
☆204Oct 29, 2022Updated 3 years ago
Alternatives and similar repositories for iOS_sysdiagnose_forensic_scripts
Users that are interested in iOS_sysdiagnose_forensic_scripts are comparing it to the libraries listed below
Sorting:
- Forensic toolkit for iOS sysdiagnose feature☆247Feb 9, 2026Updated 3 weeks ago
- iOS Logs, Events, And Plist Parser☆1,023Feb 12, 2026Updated 2 weeks ago
- Bash script to extract data from a "chekcra1ned" iOS device☆159Jun 7, 2020Updated 5 years ago
- Forensic Scripts☆155Mar 28, 2025Updated 11 months ago
- Apple Pattern of Life Lazy Output'er☆635Feb 25, 2024Updated 2 years ago
- ☆67Feb 19, 2025Updated last year
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 8 months ago
- Returns Logs Events And Properties Parser☆124Dec 24, 2025Updated 2 months ago
- Forensic Artifact Collection Tool for macOS☆118Jul 28, 2025Updated 7 months ago
- ☆22Oct 3, 2019Updated 6 years ago
- A curated list of iOS Forensics References, organized by folder with specific references (links to blog post, research paper, articles, a…☆227Dec 1, 2023Updated 2 years ago
- A script to mine SQLite databases for hidden gems that might be overlooked☆58Sep 19, 2020Updated 5 years ago
- Scripts to extract compound bplists in the iOS -> KnowledgeC.db -> structuredmetadata table.☆27May 12, 2019Updated 6 years ago
- macOS (& ios) Artifact Parsing Tool☆1,003Updated this week
- Fun with iOS☆13Aug 3, 2013Updated 12 years ago
- Parser for OSX/iOS FSEvents Logs☆276Dec 4, 2024Updated last year
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Oct 27, 2019Updated 6 years ago
- Script to recover deleted entries in an SQLite database☆196Apr 12, 2016Updated 9 years ago
- A parser for Unified logging tracev3 files☆97Jul 25, 2025Updated 7 months ago
- Bash script to extract data from an Android device☆278Oct 28, 2022Updated 3 years ago
- Script to process PDF files☆21May 23, 2025Updated 9 months ago
- MS Word (DOCx) Parsing Tool☆23Updated this week
- Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.☆28Sep 9, 2025Updated 5 months ago
- Tools for macOS Forensic Bootable media☆15May 20, 2020Updated 5 years ago
- Script to download and decrypt memories and MEO from Snapchat on IOS. Requires the keys for memories to be present in the keychain, as we…☆15Oct 31, 2022Updated 3 years ago
- Slides and resources for talks I've given☆15Feb 20, 2026Updated last week
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Accompanying code for blog post "Mapping iOS Persistence Attack Surface using Corellium"☆11Jun 10, 2025Updated 8 months ago
- A cross platform parser for Apple UnifiedLogs!☆330Feb 15, 2026Updated 2 weeks ago
- ☆344Sep 23, 2025Updated 5 months ago
- ☆13Mar 18, 2023Updated 2 years ago
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys.☆51Jan 26, 2025Updated last year
- iOS Photos.sqlite queries that may help with decoding data stored in Photos.sqlite. These queries are based on testing, research and some…☆70Mar 19, 2024Updated last year
- Python 3 Script to parse out iTunes backups☆190Oct 16, 2023Updated 2 years ago
- macOS forensic acquisition made simple☆220Feb 14, 2026Updated 2 weeks ago
- A script to convert a Cellebrite UFDR to the original file structure.☆74Mar 21, 2022Updated 3 years ago
- iOS Mobile Backup Extractor☆200May 28, 2022Updated 3 years ago
- Android Usagestats XML + Protobuf Parser☆28Oct 11, 2020Updated 5 years ago
- Extract files from Apple devices on Windows, Linux and MacOS. Mostly a wrapper for pymobiledevice3. Creates iTunes-style backups and "adv…☆432Feb 9, 2026Updated 2 weeks ago