I always try to view package contents when I download a
.pkg file, with something like Pacifist. The other day, doing that installed some malware:
I hadn’t run it, just opened in Pacifist. Bitdefender caught and deleted it, but it’s the first time I’ve seen malware on my Mac.
After that scare, I found Suspicious Package from Mothers Ruin Software:
Suspicious Package: An Application for Inspecting macOS Installer Packages
- Do you know what files that macOS Installer package actually installs?
- Do you know what scripts it runs during installation, and what they do?
- Do you know who the package really came from?
With Suspicious Package, you can answer these questions and more. Maybe you’re quite literally suspicious of a package you’ve downloaded. Or perhaps you’re just curious about what some package does. Or maybe you want to find out after the fact exactly what files a package scattered across your computer. Whatever the reason, Suspicious Package allows you to see inside an installer package. (And it’s completely free.)
Be suspicious. Use Suspicious Package from Mothers Ruin Software.