Osxcollector Versions Save

A forensic evidence collection & analysis toolkit for OS X

v1.10

5 years ago

Notes:

  • Removed CodeSignChecker, as the current implementation would have allowed for maliciously crafted universal/fat binaries to appear to be signed by Apple (CVE-2018-10406). CodeSignChecker may be reimplemented in the future. Many thanks to Josh Pitts for reporting this issue. (#160)

Bug Fixes:

  • Fixed travis build issues (#162)
  • Fixed timestamp parsing (#157)

Features:

  • atime metadata collected for files. (#161)
  • Files found in PATH directories collected. (#158)
  • Additional chrome profile directories checked. (#154)