This article examines several forensic analysis tools for popular computer operating systems.
Computer forensic tools for Apple Mac hardware have traditionally focused on low-level file system details. Mac OS X and common applications on the Mac platform provide an abundance of information about the user's activities in configuration files, caches, and logs. The authors are developing MEGA, an extensible tool suite for the analysis of files on Mac OS X disk images. MEGA provides simple access to Spotlight metadata maintained by the operating system, yielding efficient file content search and exposing metadata such as digital camera make and model. It can also help investigators to assess FileVault encrypted home directories. MEGA support tools are under development to interpret files written by common Mac OS applications such as Safari, Mail, and iTunes.
Downloads
Similar Publications
- Quantifying and Qualifying the Influence of Standard Laboratory Procedures on Aged, Degraded, and/or Low Copy Number DNA
- Raman Spectroscopy and Chemometrics for Forensic Bloodstain Analysis: Species Differentiation, Donor Age Estimation, and Dating of Bloodstains
- Physical and Biochemical Factors Affecting the Recovery and Analysis of DNA from Human Skeletal Remains