mnrkbys / ma2tl
macOS forensic timeline generator using the analysis result DBs of mac_apt
☆89Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ma2tl
- Forensic Artifact Collection Tool for macOS☆98Updated 2 months ago
- Digital Forensics Artifacts Knowledge Base☆75Updated 6 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆67Updated last year
- Logbook for Digital Forensics and Incident Response☆49Updated 4 months ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆91Updated this week
- ☆21Updated last month
- JPCERT/CC public YARA rules repository☆103Updated 5 months ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆49Updated last year
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆63Updated 9 months ago
- USN Journal full path builder☆36Updated 2 months ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆31Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆64Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 6 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆94Updated 9 months ago
- Forensic Artifact Collection Tool Matrix☆75Updated 2 weeks ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆56Updated last year
- Remote access and Antivirus Logging Database☆41Updated 6 months ago
- TAPIR is a multi-user, client/server, incident response framework☆44Updated 2 years ago
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- Detection rule validation☆41Updated last year
- ReWrite of AChoir in Go for Cross Platform☆35Updated last week
- Chrome Logs Events and Protobuf Parser☆34Updated last year
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆19Updated 11 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- Elastic Security Labs releases☆52Updated 3 weeks ago
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆74Updated last month
- Harness the power of Splunk for your investigations☆77Updated last week
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆51Updated last week