OS X is, in effect, a *nix-based system. Therefore, the forensic image acquisition processes are very similar to those used on Linux systems. Today I’d like to share my personal acquisition workflow for Apple Mac systems, suitable for OSX before 10.11 (El Capitan) or any OSX version with SIP disabled.
Tag: forensics analysis
Yes, the answer is 42! 🙂
I recently had to perform a forensic analysis on a compromised Microsoft Azure VM, and I’d like to share a couple of useful tips.
Malware analysis and digital forensic analysis are processes that often need the analyst to look into system memory. In this regard, a good analyst must have at least a basic knowledge of Windows Memory Management.
Some months ago I got the GCFA certification. During exam preparation I collected a lot of notes, and after the exam I gradually organized them into an index based on the topics that emerged during the exam, usually using my little free time.