This article examines several forensic analysis tools for popular computer operating systems.
Computer forensic tools for Apple Mac hardware have traditionally focused on low-level file system details. Mac OS X and common applications on the Mac platform provide an abundance of information about the user's activities in configuration files, caches, and logs. The authors are developing MEGA, an extensible tool suite for the analysis of files on Mac OS X disk images. MEGA provides simple access to Spotlight metadata maintained by the operating system, yielding efficient file content search and exposing metadata such as digital camera make and model. It can also help investigators to assess FileVault encrypted home directories. MEGA support tools are under development to interpret files written by common Mac OS applications such as Safari, Mail, and iTunes.
Downloads
Similar Publications
- Linking Ammonium Nitrate – Aluminum (AN-AL) Post-Blast Residues to PreBlast Explosive Materials Using Isotope Ratio and Trace Elemental Analysis for Source Attribution
- Experimental and Numerical Investigation of Gypsum Calcination under Fire Exposure (Thesis)
- A Multi-Stream Fusion Approach with One-Class Learning for Audio-Visual Deepfake Detection