본문 바로가기
2014.08.16 19:14

MAC 포렌식 도구

조회 수 1737 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print

http://suban.tistory.com/681


Lantern 2 - A Mac based tool that analyzes iPhone, iPod Touch, and the new iPad.

Lantern Lite – the free iOS Imager for Law Enforcement

Mac Marshall – Excellent Mac Triage tool (Free to LE)

The Mac – The Mac itself is the best platform to conduct Mac exams.

dc3dd – A command line binary to create images. Also A GUI version as well for Mac.

Md5deep - A command line binary to hash file(s)

FTK 3 - Up and coming Forensic Tool that supports the HFS+ file system

MacForensicsLab – Great Utility for Mac Related exams. To include all iOS Devices

Show All Files – A free app from Version Tracker to show hidden files on Macs

Disk Arbitration – A cool tool to selectively mount and unmount devices from an easy to use GUI

 

Disk Arbitrator 0.4.2 Aaron Burghardt Blocks the mounting of file systems, complimenting a write blocker in disabling disk arbitration
Epoch Converter* Not listed Blackbag Technologies Converts epoch times to local time and UTC
FTK Imager CLI for Mac OS* 3.1.1 AccessData Command line Mac OS version of AccessData’s FTK Imager
IORegInfo Not listed Blackbag Technologies Lists items connected to the computer (e.g., SATA, USB and FireWire Drives, software RAID sets). Can locate partition information, including sizes, types, and the bus to which the device is connected
Mac Memory Reader 3.0.2 Cyber Marshal Command-line utility to capture physical RAM from Mac OS systems
PMAP Info* Not listed Blackbag Technologies Displays the physical partitioning of the specified device. Can be used to map out all the drive information, accounting for all used sectors



Designed by sketchbooks.co.kr / sketchbook5 board skin

나눔글꼴 설치 안내


이 PC에는 나눔글꼴이 설치되어 있지 않습니다.

이 사이트를 나눔글꼴로 보기 위해서는
나눔글꼴을 설치해야 합니다.

설치 취소

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5