Information Security Research & Defense

Malware Analysis

Fsdiff Tool

Fsdiff is a proof-of-concept Python parser for fslogger-csv logs. The script takes an fslogger-csv log file as input and produces a formatted list of all files created, modified, and deleted.


Modified Fslogger Tool (fslogger-csv)

Fslogger-csv is a filesystem event collection tool that produces a CSV-style log of filesystem events. It is a slightly modified version of Amit Singh’s fslogger tool, which Amit created as a proof of concept to demonstrate concepts covered in his book Mac OS X Internals. The original source and fslogger-csv.c have been released under the GPLv2.