Mac Memory Forensics – WeChat Analysis in a live system

by

Rapid growth of the usage of OS X has inspired forensic researchers to analyze devices such as the iPad, iPhone and Mac deeply. Therefore, OS X forensics, starting from Jonathan Zdziarski in 2008, became a very hot topic. However, most of the research and trainings are focused on file system analysis. Although there are some methods: eg Volatility, Volafox, Memoryze for Mac, Mac Memory Reader, MacLockPick and Rekall, able to analyze mac memory, mac memory analysis is relatively strange. This paper is to demonstrate a fast track of mac memory forensics via studying the evidence of a very popular social networking application ‘WeChat’…

Read More

Leave a Comment

Latest Articles

Introducing XRY 11.0.1 From MSAB
News

Introducing XRY 11.0.1 From MSAB

ByMSABMay 15, 2025
“You Knew What You Were Signing Up For” – A Harmful Narrative In DFIR?
ArticlesWell-being

“You Knew What You Were Signing Up For” – A Harmful Narrative In DFIR?

ByForensic FocusMay 15, 2025
Amped Authenticate Update Empowers Investigators With Expanded Tools For Deepfake Detection And Video Integrity Analysis
News

Amped Authenticate Update Empowers Investigators With Expanded Tools For Deepfake Detection And Video Integrity Analysis

ByAmpedSoftwareMay 15, 2025
Digital Forensics Round-Up, May 14 2025
News

Digital Forensics Round-Up, May 14 2025

ByForensic FocusMay 14, 2025
Detego Global Announces Sponsorship Of British Police Rugby Team’s Centenary Tour Of South Africa
News

Detego Global Announces Sponsorship Of British Police Rugby Team’s Centenary Tour Of South Africa

ByDetego Digital ForensicsMay 14, 2025
Hexordia’s Jessica Hyde: Navigating The Future Of Digital Forensics
Podcast

Hexordia’s Jessica Hyde: Navigating The Future Of Digital Forensics

ByForensic FocusMay 13, 2025