Mac_apt – The Smarter and Faster Approach to macOS Processing - SANS DFIR Summit 2018
Author: SANS Digital Forensics and Incident Response
Uploaded: 2018-12-12
Views: 2605
macOS forensics has not seen the kind of attention Windows gets. Few tools and little documentation exist to specifically address macOS artifact processing needs, so we created mac_apt, the macOS Artifact Processing Tool, a Python, open-source, cross-platform, plugin-based framework with support for Apple File System and High Sierra. We'll show you how mac_apt can process complex artifacts and drastically cut down on manual processing time. We'll talk about mac_apt's design and investigator-friendly features. The presentation will also showcase some of our latest research into Mac artifacts that will eventually be released as mac_apt plugins.
Yogesh Khatri (@swiftforensics), Assistant Professor, Champlain College