OSX Forensics: a brief selection of useful tools
Today I’d like to share a brief list of useful tools I use for OSX analysis.
In order to expand the address space that is effectively usable by a process and to expand the amount of dynamic RAM, modern operating systems use the method known as swapping.
A simple step-by-step tutorial for iOS full acquisition.
A brief update on Cobalt Strike detection in forensic analysis, with a couple of new resources.
In my previous posts I often covered many tools and techniques that allow memory acquisition from a Windows system. However, I have written few articles about Linux memory acquisition and analysis, only one brief post regarding memory profile generation on Linux, using LiME.
Cobalt Strike was born as a penetration testing tool, useful for Red Teaming activities.
Data extraction, data acquisition, data analysis? Let’s try to make it a little clearer!
Sysdiagnose logs allow developers to extract information from iOS devices, and they are used for understanding bug occurrences.
However, these logs are also useful for forensic purposes when a full device acquisition is not possible or available.
In order to perform a correct forensic analysis on an Apple device, a basic knowledge of storage, file allocation methods and relevant file paths is always required.