Aftermath is a free macOS IR framework
☆569Sep 25, 2025Updated 5 months ago
Alternatives and similar repositories for aftermath
Users that are interested in aftermath are comparing it to the libraries listed below
Sorting:
- A repository for open-source resources created for use with or alongside Jamf Protect.☆218Feb 10, 2026Updated 2 weeks ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆276Aug 23, 2024Updated last year
- A cross platform parser for Apple UnifiedLogs!☆330Feb 15, 2026Updated last week
- "The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.☆1,265Updated this week
- macOS Security Compliance Project☆2,255Feb 18, 2026Updated last week
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆553Mar 31, 2022Updated 3 years ago
- A native SwiftUI macOS application that check's Jamf Pro, Jamf School, Jamf Now, Jamf Connect and Jamf Protect on it's state☆104Sep 29, 2025Updated 5 months ago
- macOS (& ios) Artifact Parsing Tool☆995Feb 11, 2026Updated 2 weeks ago
- A Mac utility to help inspect Apple Configuration Profile payloads.☆414Oct 11, 2025Updated 4 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆173Jan 30, 2026Updated last month
- Create user-notifications on macOS with swiftDialog☆774Updated this week
- A macOS authorization plugin that helps MDM administrators ensure valid FileVault keys are escrowed for all their Macs.☆273Jan 17, 2026Updated last month
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆93Sep 7, 2023Updated 2 years ago
- A macOS script to encourage users to restart their workstations☆214Jan 14, 2026Updated last month
- Setup Your Mac aims to simplify initial device configuration by leveraging swiftDialog and Jamf Pro Policy Custom Events to allow end-use…☆300Updated this week
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆253Nov 18, 2024Updated last year
- Remove unused items from your Jamf server☆195Feb 10, 2026Updated 2 weeks ago
- Apple Enterprise SSO troubleshooting script☆60Jun 20, 2023Updated 2 years ago
- Extension Attributes for use in JAMF Software's Casper Suite☆91Nov 8, 2021Updated 4 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆82Oct 10, 2022Updated 3 years ago
- The Support App is developed by Root3, specialized in managing Apple devices. Root3 offers consultancy and support for organizations to g…☆749Updated this week
- S.U.P.E.R.M.A.N. optimizes the macOS software update experience.☆841Updated this week
- macOS Utility to facilitate the mass migration of files/apps/preferences between devices.☆127Feb 20, 2026Updated last week
- A tool for encouraging the installation of macOS security updates.☆1,232Sep 18, 2024Updated last year
- Device management schema data for MDM.☆867Feb 16, 2026Updated last week
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆198Jan 6, 2026Updated last month
- 🕶 Awesome Mac Admin Tools list☆643Dec 17, 2025Updated 2 months ago
- ☆19Oct 2, 2024Updated last year
- A Mac command-line tool that generates kick-ass Jamf Pro reports.☆161Jan 14, 2024Updated 2 years ago
- Scripts with leverage Bart Reardon's swiftDialog☆120Updated this week
- A minimal malware analysis sandbox for macOS☆34Feb 15, 2023Updated 3 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆646Nov 7, 2025Updated 3 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆785Updated this week
- Forensic Artifact Collection Tool for macOS☆118Jul 28, 2025Updated 7 months ago
- Enrollment progress manager☆292Feb 10, 2026Updated 2 weeks ago
- A tool designed for CI/CD pipelines that gets all Jamf Pro Notifications from a Jamf Pro server and posts them to Slack using a webhook.☆22Aug 24, 2023Updated 2 years ago
- App to redeploy the Jamf Framework to a device enrolled in Jamf Pro☆68Aug 16, 2024Updated last year
- Powershell module for VMWare vSphere forensics☆167Nov 8, 2024Updated last year