Skip to content

cocopollo/HunterM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

15 Commits
.gitignore
.gitignore
Β 
Β 
HuntM.py
HuntM.py
Β 
Β 
README.md
README.md
Β 
Β 
banner.png
banner.png
Β 
Β 

Repository files navigation

HunterM - macOS Forensics πŸ•΅οΈβ€β™‚οΈ

Banner

A powerful macOS DFIR artifact collection tool for forensic analysis.

HunterM is a digital forensics tool designed to collect and analyze key macOS forensic artifacts. It is useful for incident response, threat hunting, and compromise assessments.

πŸš€ Features

  • βœ… Collects Login Items, Network Connections, Extended Zsh History
  • βœ… Retrieves System Information (OS, kernel, timezone)
  • βœ… Extracts Browser History (Safari, Chrome, Firefox)
  • βœ… Lists Installed Applications
  • βœ… Exports collected artifacts into structured reports
  • βœ… No dependencies (except colorama for colored output)

πŸ“Œ Collected Artifacts

Artifact Description
Login Items Applications that start automatically at login
Network Connections Active network connections (ESTABLISHED state)
Zsh History Extended shell history with timestamps
System Information OS version, kernel details, timezone
Browser History Safari, Chrome, and Firefox visited sites
Installed Applications Lists all installed applications

⚑ Usage

Python HunterM.py -e output_directory

About

macOS Artifacts

Resources

Readme
Activity

Stars

33 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages