Alternatives and similar repositories for macosac:

Users that are interested in macosac are comparing it to the libraries listed below

• mnrkbys / ma2tl
  macOS forensic timeline generator using the analysis result DBs of mac_apt
  ☆93Updated last year
• ydkhatri / UnifiedLogReader
  A parser for Unified logging tracev3 files
  ☆84Updated last year
• mac4n6 / FSEventsParser
  Parser fo macOS/iOS FSEvents Logs
  ☆33Updated 11 months ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆30Updated last year
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆81Updated 11 months ago
• nicoleibrahim / DSStoreParser
  macOS .DS_Store Parser
  ☆66Updated 3 years ago
• mandiant / macos-UnifiedLogs
  ☆239Updated 3 weeks ago
• cclgroupltd / ccl-segb
  Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.
  ☆19Updated 10 months ago
• abrignoni / VLEAPP
  Vehicle Logs Events And Properties Parser
  ☆84Updated 2 months ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆50Updated 9 months ago
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆102Updated 4 years ago
• SentineLabs / macos-ttps-yara
  A ruleset to find potentially malicious code in macOS malware samples
  ☆39Updated last year
• dod-cyber-crime-center / sqlite-dissect
  DC3 SQLite Dissect
  ☆61Updated 5 months ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆55Updated 2 months ago
• WithSecureLabs / macOSTriageCollectionScript
  A triage data collection script for macOS
  ☆28Updated 4 years ago
• Lazza / Fuji
  MacOS forensic acquisition made simple
  ☆119Updated last week
• abrignoni / RLEAPP
  Returns Logs Events And Properties Parser
  ☆104Updated 3 weeks ago
• bradleyjkemp / sigma-esf
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆20Updated 4 years ago
• Velocidex / velociraptor-docs
  Documentation site for Velociraptor
  ☆45Updated this week
• jankais3r / Forensic-Version-Checker
  Script that checks for available updates for the most commonly used Digital Forensics tools
  ☆59Updated 4 years ago
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆59Updated 7 months ago
• markmckinnon / cLeapp
  Chrome Logs Events and Protobuf Parser
  ☆38Updated 2 years ago
• moaistory / IE10Analyzer
  http://moaistory.blogspot.com/2016/08/ie10analyzer.html
  ☆16Updated 9 months ago
• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆28Updated 2 years ago
• mnrkbys / vss_carver
  Carves and recreates VSS catalog and store from Windows disk image.
  ☆98Updated 2 years ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆101Updated this week
• AXYS-Cyber / iCatch
  A utility to process the iOS Cache.sqlite database and create a timelined KML map for use in Google Earth
  ☆26Updated 4 months ago
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆60Updated 5 months ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆84Updated 11 months ago
• stark4n6 / SQLiteWalker
  Python script to walk a folder or a zip file for SQLite Databases
  ☆38Updated last year