Tuesday, October 31, 2017

FindUSBMC updated – v20171030

I’ve updated FindUSBMSC to allow it to handle corrupted gzip files. You can find the latest version on my GitHub page at the link below.

Download

Here’s where you can get version v20171030

Change log

# v20171026 – Fixes issue with gzipped logs not being processed due to wrong variable being returned.
# v20171030 – Add code to allow gzip to ignore crc errors in gzip

 

Enjoy!


by Dave via EasyMetaData

Tuesday, October 17, 2017

Update to FindUSBMSC.py for #macos #USBMSC parsing #dfir

FindUSBMSC is a script to parse the system logs on macos. It looks for USBMSC storage device plugins and links them back to the product information. This release includes some important fixes and improvements.

# v20171016 – Logic cleanup. Improve pid and vid parsing. Added list of unique devices. Added options parser.
# v20171017 – Add option to parse any file or just system log files. Useful for carved logs.

You can download the latest v20171017 from the following locations:

http://ift.tt/2gLBnpY or

http://ift.tt/2ig9CcH


by Dave via EasyMetaData