Tag Archives: Mac OSX

OSXCollector – Forensic Evidence Collection Toolkit

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file

FSEventsParser – Parser for OSX/iOS FSEvents Logs

FSEventsParser can be used to parse FSEvents files from the '/.fseventsd/' on a live system or FSEvents files extracted from an image. Carved GZIP files from a macOS volume or a device that was plugged into a macOS system can

DylibHijack- Dylib Hijack Scanner

DLL Hijacking a technique that is widely used by malware writers, this to infect users , launch certain applications or make a privilege escalation. some of the tools that you can use to detect DLL hijacking on windows are: CrowdInspect

OSXCollector- Forensic collection & analysis toolkit

OSXCollector is an information gathering and analysis toolkit that you can use for running a forensics against OSX based operating systems. the toolkit include a number of python scripts that create JSON file with information about the targeted system if

Tech support scam targets Mac users

Technical support services are very popular among all tech users while this may assists in resolving some complex problems on the other hand they are used by scammers. Malwarebytes security researchers are alerting over this week of an increase in

Volafox Mac OS X Memory Analysis Toolkit

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system.

Beware of OSX/KitM Mac Spyware

Security researchers at F-Secure Lab reported the discovery of new forms of malicious code named KitM, the malware targets Mac OS X operating system. KitM (Kumar in the Mac) is also known as HackBlack and is a kind of backdoor,