Tag Archives: Mac

Mac RAM Analysis Rekall Volatility software logos

Mac RAM Analysis Update 1

INTRODUCTION TO MAC RAM ANALYSIS UPDATE In our previous blog post, we talked about the initial obstacle of software being outdated or nonexistent. We still needed to conduct research and determine which tools we were going to use to capture RAM on a Mac, then analyze the contents of the RAM dump to see what […]

Continue reading
Mac Ram Analysis Corsair Memory

Mac Ram Analysis Introduction

INTROduction to mac ram analysis: The newest project from the LCDI is going to be accomplishing a Mac Ram analysis. Last semester, the LCDI investigated forensic artifact locations produced by user activity in Apple’s newest version of OS X, El Capitan. Those findings were then compared to our previous report on El Capitan’s predecessor, OS […]

Continue reading
Mac Forensics Report OS X El Capitan

Mac Forensics Report Official Release

mac forensics report is complete In the Mac Forensics report, the team at the LCDI looked at operating systems for Macs and tried to determine what artifacts can be collected and where their default locations can be found. Then they compared the two main operating systems: OS X and El Capitan. background information Last year […]

Continue reading
MacOSX Yosemite blurred background

Mac OS X Forensics Update

Intro On September 30th, 2015, Apple released its latest update to Mac OS X: El Capitan. El Capitan brings with it many improvements and features, such as Metal, IOS’s graphics API, improvements to Safari, Mail, IPhoto, and much more. Since our last blog post a few weeks ago, we have been busy with our research […]

Continue reading

Mac OS X Forensics: Conclusion

RESULTS With the semester coming to a close, the projects are wrapping up and the reports are rolling out. We are diving into examining the devices we used for the Handoff feature and are currently finding data that points to its use. Below you can see a Handoff request that was found in the devices […]

Continue reading