In this short tutorial by Cordny Nederkoorn, the instructor of our MacOS Anti-Forensics course, you will learn how to use CyberChef - also known as the Cyber Swiss Army Knife! Encoding, encryption, compression, and data analysis are covered - we hope you find it interesting and find some uses for it. Let's go!
This course will give students an introduction to the exciting world of MacOS anti-forensics and its tools. For a computer forensics professional, MacOS anti-forensics is important to know, because criminals will use anti-forensics to hide or alter forensic evidence not only on a Windows computer, but also on a MacOS system. Unfortunately, MacOS anti-forensics is not well documented.
MacOS is gaining popularity. More people are using MacOS, including criminals. This increases the chance of having to investigate a MacOS system as criminal evidence. Criminals know this, and they will take measures to prevent forensic investigators from obtaining this evidence for use in court.
Besides that, it is interesting because you, as a computer forensics professional, will learn techniques used by criminals to make your work complex. This will broaden your knowledge of how a criminal thinks and operates, which will help you in your forensic investigation.
By using specific tooling, you will learn to apply anti-forensics, but also to detect when it's used to hide or alter forensic evidence. This will help you choose the most suitable tool in your computer forensics work to detect MacOS anti-forensics techniques.
- With the knowledge you gain in this course, you will have an understanding of MacOS anti-forensics, the parts it consists of, its use cases, and the arms race between criminals and forensic investigators
- When you have learned the skills, you will be capable of using and detecting techniques on digital evidence found on a MacOS system
- Given the tools described in this course, like CyberChef, SilentEye, and others, you will be able to use and detect techniques on digital evidence found on a MacOS system
- All this will give you a much-needed skill in computer forensics: how to deal with anti-forensics on a MacOS system