Skip to main content
OS X Anti-Forensics Techniques 2 - Assaulting OS X

OS X Anti-Forensics Techniques 2 - Assaulting OS X

Continuing the review of Mac OS X in the context of anti-forensics methodology, the Grugq delves here into file system attacks, in particular focusing on exploitable aspects of HFS+. The researcher provides an analysis of this file system’s components and makes an insight into the essence of B*tree nodes and data forks, singling out the ways to use those while conducting HFS+ attacks.

Admin
Admin
6.8K
OS X Anti-Forensics Techniques - How the Leopard Hides His Spots

OS X Anti-Forensics Techniques - How the Leopard Hides His Spots

The Grugq, a well-known anti-forensics researcher with substantial computer security background, outlines the key issues related to counter-forensics for the OS X platform while participating in HIRBSecConf event. During this presentation entitled “How the Leopard Hides His Spots”, the Grugq, in particular, describes the techniques that help evade application-level file format attacks, HFS-specific attacks, SQLite-based attacks, etc., based on his previous experience.

Admin
Admin
17.3K