Assured Information Security Wifi-Investigator

MacResponse LE™

MacResponse LE™ was developed by AIS through a National Institute of Justice (NIJ) Electronic Crime grant and is made available free of charge.

MacResponse LE™ is designed to provide law enforcement with critical capabilities needed to reliably collect and analyze data from live computer systems running various versions of Mac OS X.

Visit the Options section for a listing of the current versions available, associated capabilities, supported operating systems and known limitations. To obtain a copy of MacResponse LE™ and user documentation, please fill out the form below and a download link will be sent to you. For a copy of the GPL protected MacResponse LE™ source code (Data Acquisition and Analysis Console), click here.

Please keep in mind that while the source code for MacResponse is available and other versions may be developed, you can always download a AIS compiled copy of MacResponse LE™ from this website.

MacResponse Pro™ Coming Soon!

Current Version Available: MacResponse LE™ v1.0

MacResponse LE™: Live Acquisition

MacResponse LE™: Live Acquisition includes the following modules:

  • Disk Information
  • Filesystem Information
  • FileVault Detection
  • Spotlight Application List
  • Loaded Drivers
  • Login Sessions
  • Network Configuration
  • Network Connections
  • Physical Memory
  • Process Information
  • Property Lists
  • Screenshot
  • System Information
  • System Date and Time
  • User Information

Known Limitations:

  • Physical Memory module does not currently work for OS X 10.7
  • Physical Memory module requires admin privileges
  • Process Information module collects limited data without admin privileges
  • Spotlight Application List module carries a dependency to Mac’s Spotlight application
  • The user can limit the effectiveness of this module by either disabling Spotlight, or by applying Spotlight filters to not show specific applications in the listing

Dependencies:

  • None, assuming it is being run against one of the listed supported Mac OS X versions

MacResponse LE™: Analysis Console

MacResponse LE™: Analysis Console has been tested against the following operating systems:

  • Mac OS X 10.6 (32 and 64 bit)
  • Mac OS X 10.7 (64 bit)
  • Windows XP (32 bit)
  • Windows Vista (32 and 64 bit)
  • Windows 7 (32 and 64 bit)
  • Ubuntu Linux 11.04 (32 and 64 bit)
  • Ubuntu Linux 11.10 (32 and 64 bit)

MacResponse LE™: Analysis Console provides a platform for viewing the data collected by the Live Acquisition component of MacResponse LE™, and for generating custom reports. The Analysis Console provides:

  • Data viewing/browsing
  • Custom report generation (include/exclude data from selected modules)
  • PDF exports

Dependencies:

  • MacResponse LE™: Analysis Console was built with Java SDK version 6, and requires a minimum of Java version 6 JVM running on the target operating system.

Download

Please take a moment and fill out the requested information. Upon completion, you will be provided with a link to download a 31.7MB zip file containing MacResponse LE™ and user documentation.

MacResponse LE™ releases that are downloaded from this website have been compiled, tested and deemed stable by the AIS development team. AIS cannot make these claims for versions and releases that were not directly obtained from this website.

Please wait...

* Denotes required field.  Download not working? Try disabling your pop-up blocker.

Privacy Policy: Under no circumstances will AIS provide or redistribute the information collected on this page to any third parties.

Source Code

You can download the full source code at our GitHub repo

DOWNLOAD

About AIS

AIS founded in 2001, provides government and commercial customers with cyber security research, engineering, development, products and services. Headquartered in Rome, NY, AIS also has offices in Dayton, OH, Baltimore, MD, San Antonio, TX and Portland, OR. For additional corporate information, please visit www.ainfosec.com.