checkout4mac

P0C to detect recent activities on your Mac OS X system

How to quickly detect recent activities on your Mac OS X system? How to detect if someone attempted or succeeded to get an access to your Mac let in your hotel room during your dinner or party?

Just in analysing the system logs and files access dates with bash commands (like grep, find, ls, stat, awk, etc.)

Proof of Concept in Python, CheckOut4Mac, has been developed in order to automate the search and identify malicious activities from 3 questions: * When did you leave your hotel room? eg: 22/6 * At what time did you leave your hotel room? eg: 22 * How long time did you leave your hotel room? eg: 2

Readme : https://docs.google.com/file/d/0B_oq7opm7im8ZUFQbThhSGEwT3c
Source code : https://code.google.com/p/checkout4mac/source/checkout

Project Information

The project was created on Jul 8, 2013.

License: Apache License 2.0
7 stars
git-based source control

Labels:
Mac forensic hack log Filesystem

Code

Archive

checkout4mac

Project Information