Presentation Archives for my macOS and iOS Related Research
☆261Mar 18, 2025Updated last year
Alternatives and similar repositories for Presentations
Users that are interested in Presentations are comparing it to the libraries listed below
Sorting:
- Resources for HFS+ Forensics☆37Nov 15, 2015Updated 10 years ago
- Dump the iOS Frequent Location binary plist files☆89Nov 4, 2018Updated 7 years ago
- Apple Pattern of Life Lazy Output'er☆640Feb 25, 2024Updated 2 years ago
- Collection of forensics artifacts location for Mac OS X and iOS☆344Nov 11, 2021Updated 4 years ago
- macOS/iOS database location scraper to extract location data☆88Oct 26, 2022Updated 3 years ago
- Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.☆110Feb 22, 2018Updated 8 years ago
- Python Module for parsing Binary Property List and NSKeyedArchiver files☆85Feb 23, 2016Updated 10 years ago
- Python utilities related to plists☆55Oct 28, 2025Updated 4 months ago
- Parser for OSX/iOS FSEvents Logs☆278Dec 4, 2024Updated last year
- macOS (& ios) Artifact Parsing Tool☆1,015Mar 8, 2026Updated 2 weeks ago
- Collection of SQL query templates for digital forensics use by platform and application.☆114Apr 17, 2021Updated 4 years ago
- Script to recover deleted entries in an SQLite database☆196Apr 12, 2016Updated 9 years ago
- iOS forensics utility☆13May 8, 2018Updated 7 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆122May 29, 2024Updated last year
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- ☆35Aug 4, 2018Updated 7 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- Forensic Scripts☆156Mar 28, 2025Updated 11 months ago
- Discover USB device history for a specific user☆23Dec 28, 2015Updated 10 years ago
- Log Examination Tool☆27Oct 11, 2016Updated 9 years ago
- A script to mine SQLite databases for hidden gems that might be overlooked☆58Sep 19, 2020Updated 5 years ago
- A tool to find gadgets in the iOS kernelcache.☆33Jun 20, 2018Updated 7 years ago
- A parser for Unified logging tracev3 files☆97Jul 25, 2025Updated 7 months ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- Forensic Scanner☆41Nov 29, 2012Updated 13 years ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- A forensic evidence collection & analysis toolkit for OS X☆1,892Jun 19, 2019Updated 6 years ago
- ☆67Feb 19, 2025Updated last year
- Binaries for the log2timeline projects and dependencies☆40Feb 8, 2026Updated last month
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Reconstruct process trees from event logs☆147Aug 12, 2020Updated 5 years ago
- Various tools and scripts☆43Nov 30, 2022Updated 3 years ago
- Page File analysis tools.☆131Dec 3, 2015Updated 10 years ago
- Scripts from my book OS X Incident Response Scripting and Analysis -> https://www.amazon.com/dp/012804456X/ref=cm_sw_r_tw_dp_U_x_fQeLAb68…☆50Sep 23, 2016Updated 9 years ago
- SQLite queries☆85Mar 8, 2023Updated 3 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Materials from presentation☆20Jan 18, 2016Updated 10 years ago
- Example programs used in the automating DFIR series☆63Mar 4, 2019Updated 7 years ago