From ee7b5d87593bdacf13ec6e6bcaaf4a41a3981128 Mon Sep 17 00:00:00 2001 From: Meir Wahnon Date: Mon, 15 Feb 2016 15:38:47 +0200 Subject: [PATCH 1/3] Adding KonckKnock to OSX section --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 89b950d..9e1fb12 100644 --- a/README.md +++ b/README.md @@ -93,6 +93,7 @@ A curated list of tools and resources for security incident response, aimed to h ### OSX Evidence Collection * [OSX Auditor](https://github.com/jipegit/OSXAuditor) - OSX Auditor is a free Mac OS X computer forensics tool * [OSX Collector](https://github.com/yelp/osxcollector) - An OSX Auditor offshoot for live response +* [Knockknock](https://github.com/synack/knockknock) - displays persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on OS X ### Linux Evidence Collection From a45659f71bee7c7083d164118c4e87524747a20c Mon Sep 17 00:00:00 2001 From: Meir Wahnon Date: Mon, 15 Feb 2016 15:40:04 +0200 Subject: [PATCH 2/3] remove unneeded comma --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9e1fb12..6225fd6 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,7 @@ A curated list of tools and resources for security incident response, aimed to h ### OSX Evidence Collection * [OSX Auditor](https://github.com/jipegit/OSXAuditor) - OSX Auditor is a free Mac OS X computer forensics tool * [OSX Collector](https://github.com/yelp/osxcollector) - An OSX Auditor offshoot for live response -* [Knockknock](https://github.com/synack/knockknock) - displays persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on OS X +* [Knockknock](https://github.com/synack/knockknock) - displays persistent items (scripts, commands, binaries, etc.) that are set to execute automatically on OS X ### Linux Evidence Collection From e0ab1523e462a666fb2f9e20efa092276f8df83b Mon Sep 17 00:00:00 2001 
From: Meir Wahnon Date: Mon, 15 Feb 2016 15:41:35 +0200 Subject: [PATCH 3/3] small change --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6225fd6..231249b 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,7 @@ A curated list of tools and resources for security incident response, aimed to h ### OSX Evidence Collection * [OSX Auditor](https://github.com/jipegit/OSXAuditor) - OSX Auditor is a free Mac OS X computer forensics tool * [OSX Collector](https://github.com/yelp/osxcollector) - An OSX Auditor offshoot for live response -* [Knockknock](https://github.com/synack/knockknock) - displays persistent items (scripts, commands, binaries, etc.) that are set to execute automatically on OS X +* [Knockknock](https://github.com/synack/knockknock) - Displays persistent items(scripts, commands, binaries, etc.) that are set to execute automatically on OSX ### Linux Evidence Collection
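Review bot: In [PATCH 1/3] the subject line spells the tool "KonckKnock" while the added entry's link text reads "Knockknock"; correct the subject so the commit can be found by the tool's name. In the added line, the description also starts with a lowercase "displays", whereas the two entries above it ("OSX Auditor is a free..." and "An OSX Auditor offshoot...") start with a capital, so capitalise it in this patch rather than in a follow-up.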
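Review bot: [PATCH 2/3] touches only the Knockknock line that [PATCH 1/3] introduced, removing the comma after "etc.)", so it should be squashed into 1/3. As submitted, the history carries an intermediate version of an entry that never needed to exist in that form.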
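Review bot: The replacement line in [PATCH 3/3] loses the space before the parenthesis: the removed line has "items (scripts" and the added line has "items(scripts". Restore the space. The subject "small change" also hides that this patch capitalises "Displays" and changes "OS X" to "OSX"; name those changes in the subject, or fold the patch into 1/3 along with 2/3 so the series is a single commit adding the finished entry.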