Mac Memory Forensics – WeChat Analysis in a live system

Rapid growth of the usage of OS X has inspired forensic researchers to analyze devices such as the iPad, iPhone and Mac deeply. Therefore, OS X forensics, starting from Jonathan Zdziarski in 2008, became a very hot topic. However, most of the research and trainings are focused on file system analysis. Although there are some methods: eg Volatility, Volafox, Memoryze for Mac, Mac Memory Reader, MacLockPick and Rekall, able to analyze mac memory, mac memory analysis is relatively strange. This paper is to demonstrate a fast track of mac memory forensics via studying the evidence of a very popular social networking application ‘WeChat’…

Read More

Leave a Comment

Latest Videos

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...