A rewrite of mactime, timeliner uses a real expression engine to parse and apply filtering logic, allowing complex queries like filtering events based on time, path, weekday, and date using a BPF syntax. Although still in alpha stage, its killer feature is the advanced expression engine.
FEATURES
SIMILAR TOOLS
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.