OS X Auditor
A Mac OS X computer forensics tool for analyzing system artifacts, user files, and logs with reputation verification and log aggregation capabilities.
Vshadow (vshadow.exe) is a command line utility for managing volume shadow copies included within the Windows SDK and signed by Microsoft. It allows for executing scripts and invoking commands in support of volume shadow snapshot management, which can be abused for privileged-level evasion, persistence, and file extraction. The tool supports the -exec parameter for executing binaries or scripts without command arguments.
A Mac OS X computer forensics tool for analyzing system artifacts, user files, and logs with reputation verification and log aggregation capabilities.
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
ForensicMiner, Redefine DFIR Automations
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
ID-spoofing NFS client