Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this tool:

• MAC Kernel version, CPU, and memory specification
• Mounted filesystems
• Kernel Extensions listing
• Process listing
• Task listing (Finding process hiding)
• Syscall table (Hooking detection)
• Mach trap table (Hooking detection)
• Network socket listing (Hash table)
• Open files listing by process
• Show Boot information
• EFI System Table, EFI Runtime Services
• Print a hostname

Screenshot for volafox (click to enlarge)

You can download the tool on the following link: https://code.google.com/p/volafox/