Mobile Forensics
Mobile Forensics (Français)
Mobile Forensics (Français)
  • Introduction
  • Preparations
    • Knowledge
    • Safety
    • Trust
    • Backup
  • Methodology
  • Vérification des ordinateurs Windows
    • Examen des programmes lancés au démarrage
    • Examiner les processus en cours
    • Examiner les connexions réseau
    • Extraire des données pour permettre une analyse plus approfondie
  • Checking Mac Computers
    • Review Programs Launching at Startup
    • Review Running Processes
    • Review Kernel Extensions
    • Review Network Connections
    • Review XProtect Logs
    • Extract Data for Further Analysis
  • Vérification des smartphones
    • Note : curriculum
    • Architecture des systèmes de smartphones
    • Vérifier les appareils liés aux applications de messagerie instantanée
    • Vérifier la présence de messages suspects
    • Surveiller le trafic réseau
    • Remarque : surveillance du trafic réseau sur Linux
  • Checking Android Devices Basic
    • Review Installed Applications
    • Check Storage
    • Check if the Phone is under Android Device Policy
    • Check if the Phone is Rooted
    • Check if Developer Options is Enabled
    • Analyze Applications
    • Extract Data for Further Analysis
    • Optional : Check for Indicators of Stalkerware Installation
  • Checking Android Devices Advanced
    • Wireshark
    • MVT
    • Other Tools
  • Checking iOS Devices
    • Review iCloud Accounts
    • Review Installed Applications
    • Check for Mobile Device Management Profiles
    • Check for Shortcuts
    • Check for Jailbreaks
    • Enable and Check App Privacy Report
    • Extract Data for Further Analysis
    • Analyzing Extracted Data
    • About Lockdown Mode
  • Checking Devices Remotely
    • Mac Computers
    • Android
  • Concluding a Forensic Gathering
  • References and Further Learning
  • License and Credits
Powered by GitBook
On this page

Checking Mac Computers

PreviousExtraire des données pour permettre une analyse plus approfondieNextReview Programs Launching at Startup

Last updated 4 months ago

In this section we will go through some of the basic steps to take when checking a suspected Mac OS computer. Following are the tools (with links to their respective download pages) we are going to demonstrate here:

  • developed by Objective-See

  • developed by Objective-See

  • developed by Objective-See

  • developed by Objective-See

  • Objective-See often and they might be helpful as well

  • developed by CrowdStrike (not updated since 2021, supports up to macOS 11)

KnockKnock
TaskExplorer
KextViewr
Netiquette
publishes new tools
AutoMacTC