Search results
  1. Jan 28

    I updated my APFS 010 hex editor template for my students doing APFS research. Will be beneficial for others too. Almost all known structures are in there now including encryption ones.

  2. Jan 24

    Unified Logging parser is now updated to python3. Been a while since last release, so some bugs squashed and minor update for new changes seen in catalina. Added windows exe too.

  3. Jan 24

    3rd tool: A parsing tool for backgrounditems.btm. This file stores the entries of "Login Items". (3/3)

  4. Jan 24

    2nd tool: macOS Artifact Collector is a Forensic Artifact Collection Tool for macOS. It can collect artifacts in Time Machine backups and extended attributes too. (2/3)

  5. Jan 24

    Hello, guys! Finally, I have released 3 new tools for and for macOS. Please try them and have a nice weekend :) 1st tool: Norimaci is a malware analysis sandbox for macOS. This tool was inspired by the Noriben sandbox. (1/3)

  6. New Year New APOLLO – Officially out of Beta iOS 13 Module Updates!

  7. Very thorough info on the Apple Notes Protobufs! Thank you for putting it together! 📝

  8. Jan 5

    [On-Demand Webinar] Solution Engineers Tim Thorne & Stephanie Thompson use MacQuisition to walk through acquiring various Mac computers installed with APFS and/or a T2 secured Mac computer, taking the mystery away of imaging. Watch now:

  9. Dec 29, 2019

    When you spend all night on a call-out and nothing seems to work but at least you set up your shiny new Macs

  10. Oct 28, 2019

    zsh has command execution timestamps. We can get them by executing “history -i 1”. However, if the session ends, they will be the same as the modification date of the .zsh_history file.

  11. Today is the day! I’ll be speaking about all things pattern of life and APOLLO today at 3pm Eastern! Register and join me!

  12. Oct 10, 2019

    👇This is an awesome work well done ... looks like I may have a few additions to make to my artifact collection thanks :) Big shout also to

  13. Oct 10, 2019

    So, it seems that we have a “universal” jailbreak for (almost) all the iPhones.... It means that we will soon have a forensic solution for a full file system acquisition of iOS devices! Curious to see who will be the first implementing it :)

  14. Oct 7, 2019

    macOS 10.15 is out! iOS backups now performed thru the Finder app. Layout is different but the usual options are there. Location of the MobileSync backup folder in the usual spot.

  15. Oct 4, 2019

    What a coincidence! I was decoding the same artifact (SavedState) last week too.. Good writeup!

  16. Just Call Me Buffy the Proto Slayer – An Initial Look into Protobuf Data in Mac and iOS Forensics

  17. Congrats to the newest Mac Lethal Forensicators! Team Mac N’ Cheese!

  18. Sep 12, 2019

    If you use mac_apt from linux, update to the latest code in github. Just made a quick edit to partially fix python's inability to read CreatedTime for linux, as it's not included in stat. Only affects MOUNTED mode when using apfs-fuse mounted volumes.

  19. Sep 9, 2019

    Siri is so eager to learn about Mac forensics with
