OSXCollector
OSXCollector is a forensic evidence collection & analysis toolkit for OSX. The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases, and the local file system. Armed with the forensic collection, an analyst can answer questions like: Is this machine infected? How'd that malware get there? How can I prevent and detect further infection? Yelp automates the analysis of most OSXCollector runs, converting its output into an easily readable and actionable summary of just the suspicious stuff. Check out OSXCollector Output Filters project to learn how to make the most of the automated OSXCollector output analysis. osxcollector.py is a single Python file that runs without any dependencies on a standard OSX machine, making it really easy to run collection on any machine - no fussing with brew, pip, config files, or environment variables. Just copy the single file onto the machine and run it: sudo osxcollector.py is all it takes. $ sudo osxcollector.py Wrote 35394 lines. Output in osx
FEATURES
ALTERNATIVES
A modified version of GNU dd with added features like hashing and fast disk wiping.
NBD is a userland implementation of the Network Block Device protocol, allowing for remote access to block devices over a network.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
A tool for fixing acquired .evt Windows Event Log files in digital forensics.
A forensic research tool for gathering forensic traces on Android and iOS devices, supporting the use of public indicators of compromise.
A collection of tools for extracting and analyzing information from .git repositories
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.