mnrkbys / bgiparser
A parsing tool for backgrounditems.btm
☆52 · Aug 23, 2024 · Updated last year
Alternatives and similar repositories for bgiparser
Users that are interested in bgiparser are comparing it to the libraries listed below
- Tool to rip system and user data from OSX and macOS ☆16 · Dec 6, 2022 · Updated 3 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format ☆40 · Jul 27, 2021 · Updated 4 years ago
- Allow services that are denied in the TCC database. ☆11 · May 18, 2021 · Updated 4 years ago
- ☆31 · May 22, 2023 · Updated 2 years ago
- Wrapper for TSK (Sleuth Kit) Bindings ☆12 · Jan 10, 2023 · Updated 3 years ago
- Parsers for common structures across windows formats. ☆12 · Aug 23, 2023 · Updated 2 years ago
- Proof of concept for CVE-2018-4150 by @cmwdotme ☆14 · May 8, 2018 · Updated 7 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- Help deobfuscate VBScript ☆18 · Jul 1, 2022 · Updated 3 years ago
- CLI frontend for com.apple.decmpfs / AppleFSCompression.framework ☆33 · Oct 18, 2022 · Updated 3 years ago
- A GUI for launchd, similar to launchctl. Or... something. ☆13 · May 7, 2022 · Updated 3 years ago
- Slides and material from my conference presentations ☆16 · Mar 30, 2024 · Updated last year
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆14 · Jan 9, 2023 · Updated 3 years ago
- Automatically exported from code.google.com/p/mac-osx-forensics ☆28 · Jan 12, 2016 · Updated 10 years ago
- A triage data collection script for macOS ☆28 · Nov 27, 2020 · Updated 5 years ago
- Indicators of Normality ☆11 · Jul 22, 2022 · Updated 3 years ago
- Parsers for .mdf file of Microsoft SQL Server (MSSQL) ☆15 · Mar 28, 2020 · Updated 5 years ago
- An app to protect against process injection and suspicious file links on macOS ☆230 · May 19, 2021 · Updated 4 years ago
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- Microsoft Edge homepage algorithm ☆20 · Apr 15, 2019 · Updated 6 years ago
- Quickly open split source/preview views via hotkey or toolbar icon ☆17 · Nov 19, 2022 · Updated 3 years ago
- An open-source version of % sfltool dumpbtm ☆146 · Oct 18, 2023 · Updated 2 years ago
- macOS Artifact Intelligence Tool ☆13 · Apr 30, 2019 · Updated 6 years ago
- PoC code for CVE-2018-9539 ☆20 · Nov 11, 2018 · Updated 7 years ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files ☆20 · Aug 3, 2024 · Updated last year
- Hacky scripts to fixup stack strings in Ghidra's decompiler. ☆36 · May 22, 2022 · Updated 3 years ago
- macOS application that makes use of the EndpointSecurity framework ☆19 · Aug 1, 2019 · Updated 6 years ago
- Fun tools around the EBS Direct API ☆19 · Apr 16, 2021 · Updated 4 years ago
- A small tool to easily mount APFS image on macOS for forensics. ☆16 · Jul 30, 2020 · Updated 5 years ago
- macOS .DS_Store Parser ☆75 · Aug 17, 2021 · Updated 4 years ago
- Copy data to your clipboard via the command line (including images, archive files, videos etc.) 📋 ☆15 · May 15, 2025 · Updated 8 months ago
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-… ☆17 · Sep 26, 2025 · Updated 4 months ago
- Python bindings for https://github.com/omerbenamram/mft ☆23 · Dec 23, 2025 · Updated last month
- A Windows registry file parser written in Rust ☆41 · Oct 30, 2025 · Updated 3 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 · Dec 17, 2025 · Updated last month
- Python Module for parsing Binary Property List and NSKeyedArchiver files ☆84 · Feb 23, 2016 · Updated 9 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus… ☆42 · Sep 21, 2023 · Updated 2 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework ☆22 · Jan 22, 2021 · Updated 5 years ago
- A handy command line program to work fast and straightforward with firejail profiles. ☆18 · Oct 18, 2023 · Updated 2 years ago