Alternatives and similar repositories for macosac:

Users that are interested in macosac are comparing it to the libraries listed below

• mnrkbys / ma2tl
  macOS forensic timeline generator using the analysis result DBs of mac_apt
  ☆89Updated last year
• ydkhatri / UnifiedLogReader
  A parser for Unified logging tracev3 files
  ☆82Updated last year
• nicoleibrahim / DSStoreParser
  macOS .DS_Store Parser
  ☆61Updated 3 years ago
• mac4n6 / FSEventsParser
  Parser fo macOS/iOS FSEvents Logs
  ☆28Updated 8 months ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆76Updated 8 months ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆31Updated last year
• mandiant / macos-UnifiedLogs
  ☆224Updated this week
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆102Updated 3 years ago
• cclgroupltd / ccl-segb
  Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.
  ☆15Updated 7 months ago
• markmckinnon / cLeapp
  Chrome Logs Events and Protobuf Parser
  ☆36Updated 2 years ago
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆56Updated 2 months ago
• puffyCid / macos-fseventsd
  A library to parse macOS FsEvents
  ☆18Updated 2 years ago
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆50Updated 6 months ago
• stark4n6 / SQLiteWalker
  Python script to walk a folder or a zip file for SQLite Databases
  ☆38Updated last year
• mnrkbys / norimaci
  Norimaci is a simple and lightweight malware analysis sandbox for macOS
  ☆67Updated 4 years ago
• richiercyrus / Venator-Swift
  Swift Command line tool used for proactive detection of malicious activity on macOS systems.
  ☆68Updated 4 years ago
• cheeky4n6monkey / iOS_sysdiagnose_forensic_scripts
  Scripts to parse various iOS sysdiagnose logs. Based upon the forensic research of Mattia Epifani, Heather Mahalik and Cheeky4n6monkey.
  ☆178Updated 2 years ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆92Updated this week
• abrignoni / VLEAPP
  Vehicle Logs Events And Properties Parser
  ☆80Updated last month
• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆16Updated 7 months ago
• bradleyjkemp / sigma-esf
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆20Updated 3 years ago
• pstirparo / machofile
  machofile is a module to parse Mach-O binary files
  ☆48Updated 11 months ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆55Updated last year
• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆27Updated last year
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆83Updated 8 months ago
• AmgdGocha / DriveFS-Sleuth
  DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…
  ☆77Updated 3 weeks ago
• brimorlabs / KStrike
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆72Updated last year
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆44Updated 3 months ago
• jankais3r / Forensic-Version-Checker
  Script that checks for available updates for the most commonly used Digital Forensics tools
  ☆58Updated 4 years ago