This article examines several forensic analysis tools for popular computer operating systems.
Computer forensic tools for Apple Mac hardware have traditionally focused on low-level file system details. Mac OS X and common applications on the Mac platform provide an abundance of information about the user's activities in configuration files, caches, and logs. The authors are developing MEGA, an extensible tool suite for the analysis of files on Mac OS X disk images. MEGA provides simple access to Spotlight metadata maintained by the operating system, yielding efficient file content search and exposing metadata such as digital camera make and model. It can also help investigators to assess FileVault encrypted home directories. MEGA support tools are under development to interpret files written by common Mac OS applications such as Safari, Mail, and iTunes.
Downloads
Similar Publications
- Prediction of Skull Fracture Risk for Children 0-9 Months Old Through Validated Parametric Finite Element Model and Cadaver Test Reconstruction
- Criteria for Selecting Microhaplotypes: Mixture Detection and Deconvolution
- DNA Purification Cell Lysis and Wash Step Modifications for Low-Template DNA Sample Processing