mac4n6 / Presentations

Related projects ⓘ

Alternatives and complementary repositories for Presentations

• dlcowen / FSEventsParser
  Parser for OSX/iOS FSEvents Logs
  ☆236Updated 7 months ago
• pstirparo / mac4n6
  Collection of forensics artifacts location for Mac OS X and iOS
  ☆326Updated 3 years ago
• mac4n6 / macMRU-Parser
  Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.
  ☆101Updated 6 years ago
• ydkhatri / UnifiedLogReader
  A parser for Unified logging tracev3 files
  ☆80Updated 10 months ago
• droe / xnumon
  monitor macOS for malicious activity
  ☆230Updated 5 years ago
• mac4n6 / iOS-Frequent-Locations-Dumper
  Dump the iOS Frequent Location binary plist files
  ☆82Updated 6 years ago
• cheeky4n6monkey / iOS_sysdiagnose_forensic_scripts
  Scripts to parse various iOS sysdiagnose logs. Based upon the forensic research of Mattia Epifani, Heather Mahalik and Cheeky4n6monkey.
  ☆169Updated 2 years ago
• mac4n6 / Mac-Locations-Scraper
  macOS/iOS database location scraper to extract location data
  ☆77Updated 2 years ago
• ahoog42 / ios-triage
  incident response tool for iOS devices
  ☆49Updated 2 years ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆82Updated 6 months ago
• 0xmachos / mac-white-papers
  Every OS X/ macOS white paper
  ☆114Updated 4 years ago
• richiercyrus / Venator
  [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
  ☆176Updated 4 years ago
• mac4n6 / APOLLO
  Apple Pattern of Life Lazy Output'er
  ☆564Updated 8 months ago
• aaronst / macholibre
  Mach-O & Universal Binary Parser
  ☆143Updated 2 years ago
• n0fate / volafox
  Mac OS X Memory Analysis Toolkit
  ☆165Updated 8 years ago
• knightsc / EndpointSecurity
  A module to expose the Endpoint Security library to Swift
  ☆20Updated 5 years ago
• santoru / filewatcher
  A simple auditing utility for macOS
  ☆282Updated 3 years ago
• phdphuc / mac-a-mal
  The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.
  ☆82Updated 6 years ago
• jbradley89 / osx_incident_response_scripting_and_analysis
  Scripts from my book OS X Incident Response Scripting and Analysis -> https://www.amazon.com/dp/012804456X/ref=cm_sw_r_tw_dp_U_x_fQeLAb68…
  ☆49Updated 8 years ago
• ydkhatri / spotlight_parser
  Read and extract data from macOS spotlight databases
  ☆104Updated last year
• AlfredoAbarca / OSXMon
  OSX Events Monitor
  ☆21Updated 6 years ago
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆100Updated 3 years ago
• mandiant / macos-UnifiedLogs
  ☆211Updated this week
• Yelp / osxcollector_output_filters
  Filters that process and transform the output of osxcollector
  ☆78Updated 5 years ago
• objective-see / ProcInfo
  process info/monitoring library for macOS
  ☆414Updated 3 years ago
• phdphuc / mac-a-mal-cuckoo
  The current repository contains all the scripts needed to complement kernel-mode mac-a-mal malicious activity hooking on macOS to Cuckoo …
  ☆46Updated 6 years ago
• CrowdStrike / Forensics
  Scripts and code referenced in CrowdStrike blog posts
  ☆331Updated 5 years ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆532Updated 2 years ago
• gdbinit / Gatekeerper
  A kernel extension to mitigate Gatekeeper bypasses
  ☆49Updated 9 years ago