Pac4Mac is a portable Forensics framework (to launch from USB storage) allowing extraction and analysis session informations in highlighting the real risks in term of information leak (history, passwords, technical secrets, business secrets, ...). It can be used to check the security of your Mac OS X system or to help you during forensics investigation.

Features:

• Support of OS X 10.6, 10.7, 10.8 and 10.9

• Data extraction through: User or Root access, Single Mode access, Target Mode access (Storage media by Firewire or Thunderbolt)

• 3 dumping modes : Quick, Forensics, Advanced.

• DMA access features (exploitation of Firewire and Thunderbolt interfaces): Unlock or bypass in writing into RAM, Dumping RAM content, Exploit extracted data.

• Support of 4 browsers (Safari, Chrome, Firefox, Opera)

• Multi-profiles extraction (eg: Firefox, Skype)

• Each launched action is logged and can be easily reviewed

• Easy to add new target (file, directory user, command, …) to extract (with db files and functions)

• All passwords found during dump or analysis are displayed

• All passwords found during dump or analysis are stored in common database(human readable format) and used for the next steps

• And more...