Tuesday, October 17, 2017

Update to FindUSBMSC.py for #macos #USBMSC parsing #dfir

FindUSBMSC is a script to parse the system logs on macos. It looks for USBMSC storage device plugins and links them back to the product information. This release includes some important fixes and improvements.

# v20171016 – Logic cleanup. Improve pid and vid parsing. Added list of unique devices. Added options parser.
# v20171017 – Add option to parse any file or just system log files. Useful for carved logs.

You can download the latest v20171017 from the following locations:

http://ift.tt/2gLBnpY or

http://ift.tt/2ig9CcH


by Dave via EasyMetaData

No comments:

Post a Comment