mnrkbys / ma2tlLinks
macOS forensic timeline generator using the analysis result DBs of mac_apt
☆95Updated 2 years ago
Alternatives and similar repositories for ma2tl
Users that are interested in ma2tl are comparing it to the libraries listed below
Sorting:
- Forensic Artifact Collection Tool for macOS☆117Updated 2 months ago
- JPCERT/CC public YARA rules repository☆110Updated 10 months ago
- Chrome Logs Events and Protobuf Parser☆39Updated 2 years ago
- Digital Forensics Artifacts Knowledge Base☆86Updated last week
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated 2 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆65Updated 3 years ago
- Remote access and Antivirus Logging Database☆43Updated last year
- A YARA & Malware Analysis Toolkit written in Rust.☆53Updated 2 weeks ago
- The core backend server handling API requests and task management☆48Updated last week
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆55Updated 2 years ago
- Detection Engineering with YARA☆87Updated last year
- macOS Artifacts☆32Updated 7 months ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆108Updated last week
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…☆106Updated 2 weeks ago
- Forensic Artifact Collection Tool Matrix☆91Updated 11 months ago
- USN Journal full path builder☆61Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- ☆68Updated last week
- YARA rule analyzer to improve rule quality and performance☆104Updated 6 months ago
- ☆19Updated 3 years ago
- BlackBerry Threat Research & Intelligence☆99Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆32Updated 3 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆18Updated last year
- ☆88Updated 2 months ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆57Updated 4 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Documentation site for Velociraptor☆54Updated this week
- ReWrite of AChoir in Go for Cross Platform☆41Updated 2 weeks ago