mac

Script Update - Mac (& iOS) Location Scraper (macOS and iOS 10 Updates)

July 05, 2017 in analysis, scripts, update

Yep, you read that right - Mac Location Scraper! I've updated my 'iOS Location Scraper' script to be compatible with the same location database found on iOS - the cache_encryptedA.db (and lockCache_encryptedA.db) that are now found on macOS at least as far back as 10.8.

On macOS these databases hold similar Wi-Fi location data. I have found these databases to be located in the /var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C/ directory. It appears to store about last seven days worth of Wi-Fi related data.

I have also updated the script to support the newer 'routined' CoreRoutine.sqlite database on iOS 10. This database does tend to get stored with a *.shm/*.wal database files so I would recommend pulling off all the files and consolidating them into the main database *.sqlite file, otherwise all the data will not be extracted.

You can get the script here!

Presentation Update: Analysis and Correlation of Mac Logs

March 17, 2016 in osx, logs, analysis

This week I had the privilege of presenting an updated version of my "Analysis and Correlation of Mac Logs" talk at the CTIN Conference.

The updated slides have been uploaded to my presentation area on GitHub.

Note: Some content from the older presentation is still valid, however due to timing I had to cut out some slides, therefore both presentations are still available.

Script Update - Mac (& iOS) Location Scraper (macOS and iOS 10 Updates)

Presentation Update: Analysis and Correlation of Mac Logs

mac4n6.com

Latest Posts

Tweets