OSXCollector – free Mac OS X forensics toolkit

Collect and analyse OS X forensic evidence with an open source toolkit. OSXCollector will help digital forensics analysts to gather information from plists, SQLite databases and the local file system. This information can be used by the analyst to answer the following very important questions:

Is this machine infected with malware?
How’d the malware get there?

You can read more about the toolkit and download it here.

And here is an amazing presentation by Chris Henderson (enruhe) and Justin Larson (Phant0mTrav3ler) from SAINTCon 2015:

Digital Forensics

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.