APFS FUSE Driver for Linux is a read-only file system driver that enables Linux systems to mount and access Apple File System (APFS) volumes. The driver supports software encrypted volumes and fusion drives, allowing forensic investigators and security professionals to examine Apple devices and storage media on Linux platforms. Key capabilities include: - Read-only access to APFS volumes - Support for encrypted volumes including FileVault encryption - Ability to mount disk images (DMG files) - Support for GPT partition tables - Snapshot and sealed volume mounting functionality - Fusion drive compatibility The tool requires compilation from source code with specific dependencies including FUSE libraries, development tools, and compression libraries. While functional for most use cases, some compression methods are not yet supported, which may result in compressed files being returned instead of their uncompressed versions. The driver has evolved since its initial 2017 release, with regular updates adding encryption support, DMG mounting capabilities, and enhanced partition table handling.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
Create checkpoint snapshots of the state of running pods for later off-line analysis.
A powerful OSINT tool for creating custom templates for data extraction and analysis
A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
Dump the contents of the location database files on iOS and macOS with output options like KML and CSV.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.