Spotlight is a blue team lab that falls under the Endpoint Forensics category and will cover the following subjects: Autopsy, mac_apt, SQLite, steghide, Defense Evasion, Credential Access, Discovery, Collection.
Learning Objectives
Investigate macOS disk images using Autopsy, mac_apt, and SQLite to identify and extract hidden data potentially concealed with steganography.