Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/pstirparo/mac4n6

Collection of forensics artifacts location for Mac OS X and iOS
https://github.com/pstirparo/mac4n6

Last synced: 3 months ago
JSON representation

Collection of forensics artifacts location for Mac OS X and iOS

Host: GitHub
URL: https://github.com/pstirparo/mac4n6
Owner: pstirparo
License: apache-2.0
Created: 2015-03-15T22:46:25.000Z (over 9 years ago)
Default Branch: master
Last Pushed: 2021-11-11T10:59:21.000Z (almost 3 years ago)
Last Synced: 2024-07-25T03:35:45.347Z (4 months ago)
Language: Python
Homepage:
Size: 2.08 MB
Stars: 321
Watchers: 36
Forks: 45
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-security-collection - **197**星

README

# Mac4n6 Group

Interested in Mac OS X and iOS Forensics? We are collecting and maintaining a list of mac4n6 resources.

## Artifacts
The idea is to create one single point of collection for OS X and iOS artifacts location, trying to collect more information for each artifact, not just a path!

The motto? Reusable format.
The goal is that the information collected have to be “machine parsable” and mostly “human readable/writable”, reusable by any application, library, etc. (am I too optimistic?). That is why as main collaboration tool for the collection, we use a shared spreadsheet so that anyone can add new artifacts, there is no need to know how to code to contribute to this project (so, no excuses!).
From here, two (simple) scripts will convert the csv file into:
* yaml artifact library file, so that other applications can use it. No crapy/fancy xml things.
* ForensicsWiki page, one of the point of reference for forensics practitioners.

This way the effort is centralized and made only once.

### Mac OS X Forensics Artifacts
Here is the shared spreadsheet for the OSX artifacts:
* https://docs.google.com/spreadsheets/d/1X2Hu0NE2ptdRj023OVWIGp5dqZOw-CfxHLOW_GNGpX8/edit#gid=1317205466

Here is the link to the ForensicsWiki page updated from the above spreadsheet
* http://forensicswiki.org/wiki/Mac_OS_X_10.9_-_Artifacts_Location
* https://forensicswiki.org/wiki/Mac_OS_X_10.11_(ElCapitan)_-_Artifacts_Location

### iOS Forensics Artifacts
Here is the shared spreadsheet for the iOS artifacts (way too much initial phase still):
* https://docs.google.com/spreadsheet/ccc?key=0An7-sa0Wh9_TdFVTTWJ3MzZMb2pGWF93RzRLWGd1YlE&usp=sharing

## Mac4n6 Papers and Presentations
Here you find some of the most interesting presentation on Mac OS X and iOS Forensics.
* https://drive.google.com/drive/folders/0B37-sa0Wh9_TdjVSbzRvMEVGQ2c?resourcekey=0-nz5A4RSaxKhFrun3tpTU7w&usp=sharing

## Contribute
If you are interested in contributing, please join us at https://groups.google.com/d/forum/mac4n6

Notice: The information collected will be made available under the Common Creatives 2.5 license http://creativecommons.org/licenses/by-sa/2.5/