Yogesh Khatri (@swiftforensics)

icon indicating a website link https://www.swiftforensics.com icon indicating an email [email protected]

icon company CyberCX icon location Sydney, Australia icon location DFIR wizard (in hibernation!)

Results 9 repositories owned by Yogesh Khatri (@swiftforensics)

mac_apt

722
Stars
99
Forks
Watchers

macOS (& ios) Artifact Parsing Tool

verified publisher icon ydkhatri

MacForensics

170
Stars
19
Forks
Watchers

Scripts to process macOS forensic artifacts

verified publisher icon ydkhatri

spotlight_parser

95
Stars
13
Forks
Watchers

Read and extract data from macOS spotlight databases

verified publisher icon ydkhatri

UnifiedLogReader

78
Stars
16
Forks
Watchers

A parser for Unified logging tracev3 files

verified publisher icon ydkhatri

APFS_010

23
Stars
5
Forks
Watchers

010 template for apfs

verified publisher icon ydkhatri

blackboxprotobuf

38
Stars
13
Forks
Watchers

Blackbox protobuf is a library for decoding and modifying arbitrary protobuf messages without the protobuf type definition.

verified publisher icon ydkhatri

macOS_FE

16
Stars
4
Forks
Watchers

Tools for macOS Forensic Bootable media

verified publisher icon ydkhatri

nska_deserialize

23
Stars
3
Forks
Watchers

NSKeyedArchive plist deserializer

verified publisher icon ydkhatri

OneDrive

99
Stars
21
Forks
Watchers

OneDrive log .ODL reader

verified publisher icon ydkhatri