010 template for APFS
☆26Feb 26, 2021Updated 5 years ago
Alternatives and similar repositories for APFS_010
Users that are interested in APFS_010 are comparing it to the libraries listed below
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆17Oct 8, 2016Updated 9 years ago
- ☆13Sep 23, 2016Updated 9 years ago
- APFS filesystem format for Kaitai Struct☆81Apr 20, 2022Updated 3 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Cocoa wrapper for a Privileged Helper Tool, Mac OS X 10.6+☆28Oct 11, 2016Updated 9 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- ☆22Jan 6, 2023Updated 3 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆22Mar 5, 2024Updated last year
- Python bindings for LZFSE☆18Jul 9, 2020Updated 5 years ago
- Research into Apple PPP and CCL components☆19Jun 8, 2019Updated 6 years ago
- A simple script to read the contents of a zip/tar/folder and extract metadata☆21Oct 6, 2025Updated 4 months ago
- CLI tool to compute the TypeRefHash for .NET binaries.☆19Nov 10, 2021Updated 4 years ago
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 7 months ago
- CLBX file format☆20May 13, 2021Updated 4 years ago
- A parser for Unified logging tracev3 files☆97Jul 25, 2025Updated 7 months ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Cortex EDR Ransomware protection Bypass☆26Feb 8, 2025Updated last year
- CyoHash is a simple shell extension that is used from within Windows Explorer to calculate the MD5 hash, SHA-1 hash, SHA-2 hash (SHA-256,…☆23Oct 19, 2019Updated 6 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- Monitor the textual data pasted into Windows clipboard☆29Nov 4, 2018Updated 7 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Oct 27, 2019Updated 6 years ago
- File recovery for APFS☆162Apr 20, 2022Updated 3 years ago
- Modified Python version of Rolf Rolles' https://github.com/RolfRolles/HexRaysDeob to unflatten Emotet's Control Flow Flattening☆27May 5, 2022Updated 3 years ago
- iOS Photos.sqlite queries that may help with decoding data stored in Photos.sqlite. These queries are based on testing, research and some…☆70Mar 19, 2024Updated last year
- Automatically exported from code.google.com/p/mac-osx-forensics☆28Jan 12, 2016Updated 10 years ago
- NSWindow subclass that allows you to set a custom tint color for the titlebar☆37Oct 28, 2014Updated 11 years ago
- Mount, dump and analyze APFS volumes and containers☆40Dec 1, 2017Updated 8 years ago
- Chrome Logs Events and Protobuf Parser☆39Dec 13, 2022Updated 3 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Jun 27, 2025Updated 8 months ago
- Parses the WMI object database....looking for persistence☆34Dec 12, 2019Updated 6 years ago
- ☆35Oct 29, 2021Updated 4 years ago
- Python library for parsing AccessData AD1 images☆33Jun 1, 2023Updated 2 years ago
- A DFIR tool to analyze artifacts on macOS☆35Jan 18, 2021Updated 5 years ago
- Python Module for parsing Binary Property List and NSKeyedArchiver files☆84Feb 23, 2016Updated 10 years ago
- The official Prewikka GitHub mirror of https://www.prelude-siem.org/projects/prewikka/repository☆10Sep 11, 2020Updated 5 years ago
- A way to improve the programmer's day.☆11Jul 17, 2023Updated 2 years ago
- Mobike screenshot sharing feature☆10Oct 12, 2017Updated 8 years ago
- This is a curated collection of articles and research papers related to the unexpected or unwanted outcomes, security & privacy ri…☆11Dec 17, 2025Updated 2 months ago