Jul 20, 2023

Tool for listing Modify, Access, Create timestamps from files

mac-robber is a Forensics & Incident Response tool used to collect the Modified, Access, and Change MAC times from allocated files. It recursively reads MAC times of files and directories and prints them in ‘time machine’ format to STDOUT. This format is the same that the mactime tool from The Coroners Toolkit TCT reads.

mac-robber is based on the grave-robber tool from The Coroners Toolkit TCT when using the ‘-m’ flag, except it does not require Perl!

Checkout these related ports:
  • Zzuf - Transparent application input fuzzer
  • Zlint - X.509 certificate linter
  • Zeronet - Decentralized websites using Bitcoin crypto and BitTorrent network
  • Zenmap - GUI frontend for the Nmap scanning utility
  • Zeek - System for detecting network intruders in real-time
  • Zaproxy - The OWASP zed attack proxy
  • Yubioath-desktop - GUI for displaying OATH codes with a Yubikey
  • Yubikey-personalization-gui - Graphical YubiKey personalization tool
  • Yubikey-manager-qt - Cross-platform application for configuring any YubiKey
  • Yubikey-agent - Seamless ssh-agent for YubiKeys
  • Yubico-piv-tool - Yubico PIV tool
  • Ylva - Command line password manager and file encryption program
  • Ykpers - Library and tool for personalization of Yubico's YubiKey
  • Ykclient - Yubico C client library
  • Yersinia - Layer 2 vulnerability scanner (switches, spanning tree, 802.1q ...)