nicoleibrahim / DSStoreParserLinks
macOS .DS_Store Parser
☆65Updated 3 years ago
Alternatives and similar repositories for DSStoreParser
Users that are interested in DSStoreParser are comparing it to the libraries listed below
Sorting:
- A triage data collection script for macOS☆28Updated 4 years ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆94Updated last year
- Different DFIR and CTI utilities☆37Updated 5 years ago
- ☆39Updated 4 years ago
- Forensic Artifact Collection Tool for macOS☆111Updated 9 months ago
- Scripts for MacOS related tasks.☆18Updated 5 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆73Updated last year
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆80Updated last year
- Hunt malware with Volatility☆47Updated last year
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆20Updated 4 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- Digital Forensics Artifacts Knowledge Base☆82Updated last year
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆104Updated last week
- Parser fo macOS/iOS FSEvents Logs☆36Updated last year
- Script that checks for available updates for the most commonly used Digital Forensics tools☆59Updated 4 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 6 years ago
- ReWrite of AChoir in Go for Cross Platform☆41Updated 4 months ago
- A ruleset to find potentially malicious code in macOS malware samples☆40Updated last year
- A DFVFS Backed Forensic Viewer☆40Updated 5 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆32Updated last year
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Updated 6 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Updated 2 years ago
- CSIRT Jump Bag☆26Updated last year
- Automagically extract forensic timeline from volatile memory dump☆131Updated last year
- Information about the open-source-dfir slack community☆29Updated 2 years ago
- isodump - ISO dump utility☆40Updated 6 years ago
- Swift Command line tool used for proactive detection of malicious activity on macOS systems.☆68Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16Updated last year
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago