mnrkbys / ma2tlLinks
macOS forensic timeline generator using the analysis result DBs of mac_apt
☆94Updated last year
Alternatives and similar repositories for ma2tl
Users that are interested in ma2tl are comparing it to the libraries listed below
Sorting:
- Forensic Artifact Collection Tool for macOS☆113Updated 3 weeks ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- JPCERT/CC public YARA rules repository☆110Updated 8 months ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆109Updated this week
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Updated last year
- Digital Forensics Artifacts Knowledge Base☆86Updated last year
- Forensic Artifact Collection Tool Matrix☆88Updated 9 months ago
- An exercise to practice deobfuscating PowerShell Scripts.☆26Updated 2 years ago
- Remote access and Antivirus Logging Database☆42Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Just Another broken Registry Parser (JARP)☆16Updated last year
- macOS Artifacts☆31Updated 5 months ago
- Information about the open-source-dfir slack community☆29Updated 2 years ago
- USN Journal full path builder☆61Updated 11 months ago
- Chrome Logs Events and Protobuf Parser☆39Updated 2 years ago
- A YARA & Malware Analysis Toolkit written in Rust.☆48Updated 3 weeks ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆65Updated 3 years ago
- Quick ESXi Log Parser☆24Updated this week
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆32Updated last year
- Python script to walk a folder or a zip file for SQLite Databases☆38Updated last year
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Updated 2 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆57Updated 2 months ago
- ReWrite of AChoir in Go for Cross Platform☆40Updated last month
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆104Updated last year
- The core backend server handling API requests and task management☆44Updated 2 weeks ago
- ☆88Updated 3 weeks ago
- Carve file metadata from NTFS index ($I30) attributes☆70Updated last year