SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 

mac_apt rpm build for : CentOS Other. For other distributions click mac_apt.

Name : mac_apt
Version : 1.4.3.dev Vendor : cert_org
Release : 3.el9 Date : 2022-03-16 23:10:04
Group : Applications/Forensics Tools Source RPM : mac_apt-1.4.3.dev-3.el9.src.rpm
Size : 97.82 MB
Packager : Lawrence R_ Rogers (lrr_cert_org)
Summary : Mac OS Artifact Parsing Tool
Description :
mac_apt is a DFIR (Digital Forensics and Incident Response) tool to process Mac computer full disk images (or live machines) and extract
data/metadata useful for forensic investigation. It is a python based framework, which has plugins to process individual artifacts (such as Safari
internet history, Network interfaces, Recently accessed files & volumes, ..)

mac_apt now also includes ios_apt, for processing ios images.

Requirements: Python 3.7 or above (32/64 bit)

Features

* Cross platform (no dependency on pyobjc)
* Works on E01, VMDK, AFF4, DD, split-DD, DMG (no compression), SPARSEIMAGE & mounted images
* XLSX, CSV, TSV, Sqlite outputs
* Analyzed files/artifacts are exported for later review
* zlib, lzvn, lzfse compressed files are supported!
* Native HFS & APFS parser
* Reads the Spotlight database and Unified Logging (tracev3) files

Latest
* Can read Axiom created targeted collection zip files
* ios_apt can read GrayKey extracted file system
* Can read RECON created .sparseimage files
* Support for macOS Big Sur Sealed volumes (11.0)
* Introducing ios_apt for processing iOS/ipadOS images
* FAST mode
* Encrypted APFS images can now be processed using password/recovery-key
* macOS Catalina (10.15+) separately mounted SYSTEM & DATA volumes now supported
* AFF4 images (including macquisition created) are supported

RPM found in directory: /mirror/vol2/forensics.cert.org/centos/cert/9/x86_64

Content of RPM  Changelog  Provides Requires

Hmm ... It's impossible ;-) This RPM doesn't exist on any FTP server

Provides :
mac_apt
mac_apt(x86-64)

Requires :
/bin/sh
/usr/bin/perl
/usr/bin/sh
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/python
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PartialHardlinkSets) <= 4.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsZstd) <= 5.4.18-1


Content of RPM :
/usr/bin/mac_apt
/usr/bin/mac_apt.py
/usr/bin/mac_apt_artifact_only
/usr/bin/mac_apt_artifact_only.py
/usr/bin/mac_apt_mounted_sys_data
/usr/bin/mac_apt_mounted_sys_data.py
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/.gitignore
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/LICENSE
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/__pycache__
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/__pycache__/vba_extract.cpython-39.pyc
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/activate
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/activate.csh
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/activate.fish
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/activate.nu
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/activate.ps1
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/activate_this.py
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/csv2rdf
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/deactivate.nu
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/futurize
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/pasteurize
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/pip
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/pip3
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/pip3.9
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/python
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/python3
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/python3.9
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/rdf2dot
/usr/local/lib/PythonVirtualEnvironments/mac_apt-1.4.3.dev-3/bin/rdfgraphisomorphism
There is 5826 files more in these RPM.

  
ICM