Alternatives and similar repositories for dtformats

Users that are interested in dtformats are comparing it to the libraries listed below

• ydkhatri / UnifiedLogReader
  A parser for Unified logging tracev3 files
  ☆96Updated 5 months ago
• themittenmac / TrueTree
  A command line tool for pstree-like output on macOS with additional pid capturing capabilities
  ☆270Updated last year
• mnrkbys / macosac
  Forensic Artifact Collection Tool for macOS
  ☆118Updated 5 months ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆90Updated 2 months ago
• libyal / libyal
  Yet another library library (and tools)
  ☆217Updated last month
• jjarava / mac-osx-forensics
  Automatically exported from code.google.com/p/mac-osx-forensics
  ☆28Updated 10 years ago
• SentineLabs / aevt_decompile
  This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…
  ☆71Updated 5 years ago
• dlcowen / FSEventsParser
  Parser for OSX/iOS FSEvents Logs
  ☆271Updated last year
• cugu / afro
  File recovery for APFS
  ☆161Updated 3 years ago
• mandiant / macos-UnifiedLogs
  A cross platform parser for Apple UnifiedLogs!
  ☆310Updated 3 weeks ago
• mac4n6 / FSEventsParser
  Parser fo macOS/iOS FSEvents Logs
  ☆40Updated last year
• mdegrazia / SQLite-Deleted-Records-Parser
  Script to recover deleted entries in an SQLite database
  ☆193Updated 9 years ago
• kacos2000 / Queries
  SQLite queries
  ☆85Updated 2 years ago
• aff4 / Standard
  AFF4 Standard Documents
  ☆29Updated 3 years ago
• nicoleibrahim / DSStoreParser
  macOS .DS_Store Parser
  ☆74Updated 4 years ago
• Jinmo / applescript-disassembler
  A simple run-only applescript disassembler
  ☆142Updated last month
• digitalsleuth / time_decode
  A timestamp and date decoder written for python 3
  ☆41Updated last month
• vastlimits / esmat
  macOS Endpoint Security Message Analysis Tool
  ☆47Updated 3 years ago
• knightsc / XProtect
  macOS XProtect definition files
  ☆40Updated 3 years ago
• libyal / libfshfs
  Library and tools to access the Mac OS Hierarchical File System (HFS)
  ☆37Updated last month
• pstirparo / machofile
  machofile is a module to parse Mach-O binary files
  ☆90Updated 5 months ago
• Velocidex / c-aff4
  An AFF4 C++ implementation.
  ☆211Updated 2 years ago
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆39Updated 9 years ago
• cugu / apfs.ksy
  APFS filesystem format for Kaitai Struct
  ☆82Updated 3 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆217Updated 2 months ago
• libyal / libewf
  Libewf is a library to access the Expert Witness Compression Format (EWF)
  ☆295Updated last month
• ralphje / imagemounter
  Command line utility and Python package to ease the (un)mounting of forensic disk images
  ☆124Updated 2 years ago
• cclgroupltd / ccl-segb
  Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.
  ☆27Updated 4 months ago
• pcbje / pyad1
  Python library for parsing AccessData AD1 images
  ☆33Updated 2 years ago
• msuhanov / regf
  Windows registry file format specification
  ☆353Updated 7 years ago