ydkhatri / APFS_010
010 template for apfs
☆24Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for APFS_010
- Tools for macOS Forensic Bootable media☆15Updated 4 years ago
- Mount, dump and analyze APFS volumes and containers☆40Updated 6 years ago
- OSX Events Monitor☆21Updated 6 years ago
- macOS XProtect definition files☆38Updated 2 years ago
- A (basic) Mach-O Library☆20Updated 3 years ago
- A Python toolbox for Mach-O files analysis.☆22Updated 5 months ago
- Tools to measure an app's App Sandbox usage☆23Updated 4 years ago
- Slides and material from my conference presentations☆14Updated 7 months ago
- A minimal malware analysis sandbox for macOS☆26Updated last year
- Runtime code injection suite for exploring OS X process security☆37Updated 15 years ago
- Some thingy that copies macOS specific forensic artifacts to the location where the script is run from and also generates some folders. B…☆14Updated last week
- Utility to manipulate codesigned application in Mac OS X. Demonstrate the use of csops system call.☆71Updated 8 months ago
- ☆30Updated 5 months ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆38Updated 3 years ago
- macOS application that makes use of the EndpointSecurity framework☆18Updated 5 years ago
- Mach-O view plugin☆20Updated 8 months ago
- Automatically exported from code.google.com/p/mac-osx-forensics☆27Updated 8 years ago
- A Kext that can be used to disable Rootless in OS X El Capitan/macOS Sierra. You need to sign it OR use an exploit to make OS X load it.☆78Updated 4 years ago
- Change your kernel version☆34Updated 6 years ago
- This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…☆64Updated 3 years ago
- Research about malware that infects the EFI and SMC of Apple MacBooks.☆55Updated 8 months ago
- Discover which process execute a hunted binary inside macOS☆24Updated 2 years ago
- Grab functions from radare2☆10Updated 7 years ago
- A parsing tool for backgrounditems.btm☆47Updated 2 months ago
- ☆19Updated 5 years ago
- Hopper plugin to analyze ObjC runtime structures in the dyld_shared_cache☆23Updated 3 years ago
- Tool for reverse-engineering Apple's sandbox☆55Updated 7 years ago
- Find what's not loaded in memory on an executable (OS X/iOS only)☆9Updated 8 years ago
- A module to expose the Endpoint Security library to Swift☆20Updated 5 years ago
- IDA plugin to extract Mach-O binaries located in the disassembly or data☆59Updated 5 years ago