Difference between revisions of "Mac forensics"

From Simson Garfinkel
Jump to navigationJump to search
Line 12: Line 12:
* [https://support.apple.com/en-us/HT201222 Apple Security Updates]
* [https://support.apple.com/en-us/HT201222 Apple Security Updates]
* [https://support.apple.com/specs Apple Tech Specs]
* [https://support.apple.com/specs Apple Tech Specs]
==Other curricula==
* [https://www.iacis.com/training/macintosh-forensic-survival-course-mfsc/ Mac I: Best Practices in MAC Forensics]
* [https://www.iacis.com/training/mac-ii-advanced-practices-in-mac-forensics/ Mac II: Advanced Practices in MAC Forensics]


==Drive Image Tools==
==Drive Image Tools==

Revision as of 08:00, 3 November 2018

Notes on Mac Forensics.

On the Web

Apple's Resources

Other curricula

Drive Image Tools

Forensics Programs

Terminal Hacks

Is FV2 running? 

   fdsetup status

People

Ryan Kubasiak, previously ran http://www.macosxforensics.com/, now on the digital crimes team at Apple

Archives

  • MacOS X Forensics, Philip Craiger and Paul Burke, IFIP, DigitalForensics 2006, Advances in Digital Forensics II


Course Ideas

  • Cracking FileVault2 with JohnTheRipper
  • The Diskutil command
Retrieved from "https://simson.net/wiki/index.php?title=Mac_forensics&oldid=1973"