libyal / dtformats

Related projects: ⓘ

• ydkhatri / UnifiedLogReader
  A parser for Unified logging tracev3 files
  ☆79Updated 8 months ago
• mnrkbys / macosac
  Forensic Artifact Collection Tool for macOS
  ☆95Updated this week
• mandiant / macos-UnifiedLogs
  ☆204Updated 2 weeks ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆82Updated 4 months ago
• dlcowen / FSEventsParser
  Parser for OSX/iOS FSEvents Logs
  ☆232Updated 5 months ago
• libyal / libyal
  Yet another library library (and tools)
  ☆201Updated last week
• cheeky4n6monkey / iOS_sysdiagnose_forensic_scripts
  Scripts to parse various iOS sysdiagnose logs. Based upon the forensic research of Mattia Epifani, Heather Mahalik and Cheeky4n6monkey.
  ☆163Updated last year
• jjarava / mac-osx-forensics
  Automatically exported from code.google.com/p/mac-osx-forensics
  ☆26Updated 8 years ago
• puffyCid / macos-fseventsd
  A library to parse macOS FsEvents
  ☆16Updated 2 years ago
• cugu / afro
  File recovery for APFS
  ☆157Updated 2 years ago
• ydkhatri / spotlight_parser
  Read and extract data from macOS spotlight databases
  ☆102Updated last year
• digitalsleuth / time_decode
  A timestamp and date decoder written for python 3
  ☆33Updated last month
• cugu / apfs.ksy
  APFS filesystem format for Kaitai Struct
  ☆81Updated 2 years ago
• themittenmac / TrueTree
  A command line tool for pstree-like output on macOS with additional pid capturing capabilities
  ☆236Updated 3 weeks ago
• strozfriedberg / plistutils
  Python utilities related to plists
  ☆52Updated 7 months ago
• libyal / libregf
  Library and tools to access the Windows NT Registry File (REGF) format
  ☆103Updated last month
• msuhanov / yarp
  Yet another registry parser
  ☆128Updated 2 years ago
• mac4n6 / Presentations
  Presentation Archives for my macOS and iOS Related Research
  ☆234Updated 2 years ago
• pstirparo / machofile
  machofile is a module to parse Mach-O binary files
  ☆47Updated 7 months ago
• aff4 / pyaff4
  The Python implementation of the AFF4 standard.
  ☆44Updated 4 months ago
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆98Updated 3 years ago
• libyal / libfshfs
  Library and tools to access the Mac OS Hierarchical File System (HFS)
  ☆32Updated 2 months ago
• cclgroupltd / ccl_chromium_reader
  (Sometimes partial) Python re-implementations of the technologies involved in reading various data sources in Chrome-esque applications.
  ☆134Updated last week
• libyal / libfsntfs
  Library and tools to access the Windows New Technology File System (NTFS)
  ☆186Updated 2 months ago
• nicoleibrahim / DSStoreParser
  macOS .DS_Store Parser
  ☆60Updated 3 years ago
• pstirparo / mac4n6
  Collection of forensics artifacts location for Mac OS X and iOS
  ☆323Updated 2 years ago
• ScottKjr3347 / iOS_Local_PL_Photos.sqlite_Queries
  iOS Photos.sqlite queries that may help with decoding data stored in Photos.sqlite. These queries are based on testing, research and some…
  ☆62Updated 6 months ago
• knightsc / XProtect
  macOS XProtect definition files
  ☆38Updated 2 years ago
• ydkhatri / MacForensics
  Scripts to process macOS forensic artifacts
  ☆178Updated last month
• EC-DIGIT-CSIRC / sysdiagnose
  Forensic toolkit for iOS sysdiagnose feature
  ☆131Updated this week