Difference between pages "Wetstone" and "MacQuisition Boot CD"
From Forensics Wiki
(Difference between pages)
Joachim Metz (Talk | contribs) |
|||
| Line 1: | Line 1: | ||
| − | + | {{Infobox_Software | | |
| − | + | name = MacQuisition Boot CD | | |
| + | maintainer = [[BlackBag Technologies, Inc.]] | | ||
| + | os = {{Mac OS X}} | | ||
| + | genre = {{Live CD}}, {{Disk imaging}} | | ||
| + | license = ??? | | ||
| + | website = [http://www.blackbagtech.com/products/macquisition.htm http://www.blackbagtech.com/products/macquisition.htm] | | ||
| + | }} | ||
| + | |||
| + | The '''MacQuisition Boot CD''' is a forensic [[Boot CD]]/[[Live CD]] built for imaging [[Mac OS X]] systems. | ||
| + | |||
| + | =Features= | ||
| + | |||
| + | ==File Systems Understood== | ||
| + | |||
| + | * For Macs! Produces a [[dd]] image. | ||
| + | |||
| + | ==File Search Facilities== | ||
| + | |||
| + | ==Historical Reconstruction== | ||
| + | |||
| + | Can it build timelines and search by creation date? | ||
| + | |||
| + | ==Searching Abilities== | ||
| + | |||
| + | Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata? | ||
| + | |||
| + | ==Hash Databases== | ||
| + | |||
| + | Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? | ||
| + | What sort of hash functions does it use? | ||
| + | |||
| + | ==Evidence Collection Features== | ||
| + | |||
| + | Can it sign files? Does it keep an audit log? | ||
| + | |||
| + | =History= | ||
| + | |||
| + | ==License Notes== | ||
| + | |||
| + | Is it commercial or open source? Are there other licensing options? | ||
| + | |||
| + | = External Links = | ||
| + | |||
| + | ==External Reviews== | ||
Revision as of 06:31, 28 July 2012
| MacQuisition Boot CD | |
|---|---|
| Maintainer: | BlackBag Technologies, Inc. |
| OS: | Mac OS X |
| Genre: | Live CD,Disk imaging |
| License: | ??? |
| Website: | http://www.blackbagtech.com/products/macquisition.htm |
The MacQuisition Boot CD is a forensic Boot CD/Live CD built for imaging Mac OS X systems.
Contents |
Features
File Systems Understood
- For Macs! Produces a dd image.
File Search Facilities
Historical Reconstruction
Can it build timelines and search by creation date?
Searching Abilities
Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?
Hash Databases
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?
Evidence Collection Features
Can it sign files? Does it keep an audit log?
History
License Notes
Is it commercial or open source? Are there other licensing options?
