A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups. You can download a signed .app file on the releases page. This program is licensed under the GPLv3. On macOS Mojave, Catalina, Big Sur, and Monterey, you need to allow the app the Full Disk Access permission first. Go to Settings > Security & Privacy > Full Disk Access and check Open Backup Extractor (or use the + button to add it if you have not already run the app).
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
Recover event log entries from an image by heuristically looking for record structures.
Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and new UI rewrite in React.