
timeliner
Timeliner is a digital forensics tool that rewrites mactime with an advanced expression engine for complex timeline filtering using BPF syntax.

timeliner
Timeliner is a digital forensics tool that rewrites mactime with an advanced expression engine for complex timeline filtering using BPF syntax.
timeliner Description
Timeliner is a digital forensics tool that serves as a rewrite of the traditional mactime utility, designed for timeline analysis of file system events. The tool incorporates a real expression engine that enables users to parse and apply complex filtering logic to forensic timeline data. This expression engine supports BPF (Berkeley Packet Filter) syntax, allowing investigators to create sophisticated queries for filtering events based on multiple criteria including time ranges, file paths, weekdays, and specific dates. Key capabilities include advanced filtering options that go beyond basic timeline analysis, enabling forensic analysts to narrow down large datasets to relevant events. The tool processes file system metadata to create chronological timelines of file activity, which is essential for incident response and forensic investigations. Currently in alpha development stage, timeliner aims to modernize timeline analysis workflows by providing more flexible query capabilities compared to traditional tools. The expression engine represents the primary differentiating feature, offering investigators enhanced control over data filtering and analysis processes.
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.