OSXCollector – free Mac OS X forensics toolkit
Collect and analyse OS X forensic evidence with an open source toolkit. OSXCollector helps digital forensics analysts gather information from plists, SQLite databases and the local file system. The analyst can use this information to answer the following very important questions:
- Is this machine infected with malware?
- How’d the malware get there?
You can read more about the toolkit and download it here.
And here is an amazing presentation by Chris Henderson (enruhe) and Justin Larson (Phant0mTrav3ler) from SAINTCon 2015: