Tag Archives: Mac OSX Forensics

Mac Forensics Report OS X El Capitan

Mac Forensics Report Official Release

mac forensics report is complete In the Mac Forensics report, the team at the LCDI looked at operating systems for Macs and tried to determine what artifacts can be collected and where their default locations can be found. Then they compared the two main operating systems: OS X and El Capitan. background information Last year […]

Continue reading
MacOSX Yosemite blurred background

Mac OS X Forensics Update

Intro On September 30th, 2015, Apple released its latest update to Mac OS X: El Capitan. El Capitan brings with it many improvements and features, such as Metal, IOS’s graphics API, improvements to Safari, Mail, IPhoto, and much more. Since our last blog post a few weeks ago, we have been busy with our research […]

Continue reading
Mac Forensics Report OS X El Capitan

Introduction to Mac OS X Forensics

introduction On September 30th, 2015, Apple is set to release their latest version of Mac OS X: El Capitan. While its predecessor Yosemite brought many major updates to commonly used applications, El Capitan promises more subtle changes. With El Capitan, Apple is integrating Metal, IOS’s graphics API, into Mac OS X, along with various performance […]

Continue reading

Mac OS X Forensics Part 5

Mac OS X Forensics: Mac OS x yOSEMITE and iOS Handoff  Progress and Roadblocks Our team has made a lot of progress over the months since the start of this project. We were able to find a list of Mac OS X Lion artifacts and their location used in a OS X Lion Artifact report […]

Continue reading

Mac OSX Forensics Part 3

Mac Imaging In order to preserve the physical integrity of the machine, we chose to image the Mac non-invasively.  We forced the target Mac to enter “Target disk mode” during the boot process and attached a thunderbolt cable.  After attaching the other end of the cable to our “Analysis Mac,” we were able to fully […]

Continue reading

Mac OSX Forensics Part 2

Different Examination Tools We have been doing extensive background research in advance of the actual data-generation and forensic aspect of our project. Currently, we have been researching the different examination tools and methods there are for Mac OSX. We have researched open-source tools as well as commercial tools and have chosen the ones we believe […]

Continue reading

Mac OSX Forensics Introduction

Project Introduction Mac OSX is Apple’s most recent operating system for Macintosh computers. Macs are widely used, and knowing how to get information off of them very important for forensic examiners. Just PC expertise is not enough today; Macs have a different way of storing user data and artifacts. Knowledge of the location of potential […]

Continue reading