File recovery for APFS
☆161Apr 20, 2022Updated 3 years ago
Alternatives and similar repositories for afro
Users that are interested in afro are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- APFS filesystem format for Kaitai Struct☆81Apr 20, 2022Updated 3 years ago
- Mount, dump and analyze APFS volumes and containers☆40Dec 1, 2017Updated 8 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- Tools for macOS Forensic Bootable media☆16May 20, 2020Updated 5 years ago
- 010 template for apfs☆27Feb 26, 2021Updated 5 years ago
- Read and extract data from macOS spotlight databases☆129Dec 7, 2025Updated 3 months ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆27Oct 27, 2019Updated 6 years ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- ☆22Oct 3, 2019Updated 6 years ago
- DFF (Digital Forensics Framework)☆11Jan 6, 2021Updated 5 years ago
- Utility for performing data recovery and analysis of APFS partitions/containers.☆181Jan 7, 2024Updated 2 years ago
- Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.☆110Feb 22, 2018Updated 8 years ago
- Windows 10 Live Information viewer☆38Jan 27, 2022Updated 4 years ago
- Digital Forensics Virtual File System (dfVFS)☆219Feb 15, 2026Updated last month
- macOS (& ios) Artifact Parsing Tool☆1,015Mar 8, 2026Updated 2 weeks ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Python library for parsing AccessData AD1 images☆34Jun 1, 2023Updated 2 years ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Collection of SQL query templates for digital forensics use by platform and application.☆114Apr 17, 2021Updated 4 years ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- Library and tools to access the Apple File System (APFS)☆396Dec 16, 2025Updated 3 months ago
- incident response tool for iOS devices☆51Apr 27, 2022Updated 3 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- Python utilities related to plists☆55Oct 28, 2025Updated 4 months ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- API for parsing binary files using a predefined grammar☆15Nov 17, 2016Updated 9 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- CLBX file format☆20May 13, 2021Updated 4 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- This package provides an S3 implementation for Go1.16 filesystem interface.☆13Mar 7, 2026Updated 2 weeks ago
- kaitaigo is a compiler and runtime to create Go parsers from Kaitai Struct files☆18Apr 20, 2022Updated 3 years ago
- A parser for Unified logging tracev3 files☆97Jul 25, 2025Updated 8 months ago
- MS Word (DOCx) Parsing Tool☆25Mar 14, 2026Updated last week
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 6 months ago
- Parse Manifest.mbdb files from iTunes backup directories☆20Jun 29, 2017Updated 8 years ago
- A simple Cocoa sqlite viewer and a QuickLook plugin to view sqlite database files.☆12Feb 17, 2014Updated 12 years ago
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆28Mar 12, 2026Updated last week
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Go package to perform common cryptanalysis functions.☆15Sep 23, 2017Updated 8 years ago