Back to News

macOS Mojave Forensics

Posted by adfsolutions on November 21, 2018

ADF collects artifacts from macOS MojaveThe best tools for rapid digital forensic investigations just got better with ADF's release of new software versions to support the collection of artifacts from macOS Mojave, in addition to macOS High Sierra and Windows. 

ADF software provides highly configurable artifact and file collection capabilities for macOS including web browser cached files, social media, P2P, cryptocurrency, cloud storage, user login events, anti-forensic traces, files shared via Skype, USB history, user connection log, etc.

Investigators can also search for evidence and collect emails including Apple Mail and Microsoft Outlook.  Other evidence collection features include the ability to:

  • Process APFS partitions, NTFS, FAT, HFS+, EXT, ExFAT, and YAFFS2 file systems, compute MD5 and SHA1 on collected files for integrity validation

  • Collect password protected and corrupted files for later review

  • Collect iOS backups on target computers

  • Detect and warn of BitLocker and FileVault2 protected drives

  • Leverage ADF's powerful boot capability (including UEFI secure boot and Macs) to access internal storage that cannot easily be removed from computers

See a full feature list for Digital Evidence Investigator®, Triage-Investigator® or Triage-G2®

Try ADF for 30 Days Free

Additional macOS Forensic Resources

 

Topics: Apple Mac Forensics, APFS, Digital Devices, Forensic Software, Digital Evidence Investigator, Triage-Investigator, Triage-G2, Forensic Triage, Triage, Digital Forensics

Subscribe to Monthly Newsletter

Posts by Tag

See all

Recent Posts

  • READY TO ACCELERATE YOUR DIGITAL INVESTIGATIONS?