Suspicious Package icon

Suspicious Package For Mac

3.4/5 14
Certified 100% CLEAN Freeware   

Inspect the contents of .pkg installer packages, verify their security, extract contained files, and analyze install scripts, without actually running the installer. #PKG Preview  #Extract PKG  #Analyze PKG  #PKG  #Installer  #Preview  

Softpedia Review

changelog

Free Download

Review by:
5.0/5

macOS installer packages (.pkg files) are curious. Some are completely unnecessary, some are required for properly installing specific software, and others might contain bloatware or even malware. The problem is, how can you tell which is which?

Suspicious Package is one way to do it. It’s a free app that allows you to peek inside .pkg files before running them. You can see what they contain, check their signature and notarization status, analyze install scripts, and extract files.

To get some basic info, you can simply use Quick Look. The app’s plugin will provide additional details in this view, such as previous installations, developer ID, notarization, and the number of install scripts to be run. If you need more details, you can open it with Suspicious Package directly.

The easiest way to do that is by dropping the .pkg file onto the app’s Dock icon. Here, information is split into multiple tabs, with the second showing you all the files contained in the package. You can inspect these with Quick Look or just drag them to Finder to extract them.

If security is on your mind, you can check the package’s signature and the developer ID certificate, whether it’s been notarized by Apple, and which install scripts it’s configured to run. If Suspicious Package finds any issues, it will present them for you to review.

The third tab concerns scripts, and this is where you’re going to need a bit of know-how if you want to figure out if a package is safe or not. Every install script will be listed, and the code open for analysis.

Whatever your reasoning for not just running installer packages directly, this app will be up to the task. You can extract apps and inspect or install them yourself, make sure the package is signed and notarized, and comb through install scripts for any indication of malware.

When combined with Apparency, it becomes even easier to get app details from .pkg files without even extracting them. You get a ton of functionality in a very intuitive package, and it’s completely free to boot.

What's new in Suspicious Package 4.4:

  • Added File > Show Launch Information for Item, which can be used on code-signed bundles or executables. It shows the code signing identity, as well as any explicit launch constraints that will gate the launch of that component on macOS 14 (Sonoma).
  • Added support for using Beyond Compare for the File > Compare Packages command. This can be configured via Suspicious Package > Preferences > Compare > Compare Packages Using.
  • Added a Swedish localization — thanks to Frank Winterpil for making this possible!
  • Updated the French localization — thanks to Olivier Prompt for keeping this going for so many years!
Read the full changelog
User Comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

Suspicious Package 4.4

Softpedia Pick image  Softpedia Editor's Pick add to watchlist add to download basket send us an update REPORT
  runs on:
macOS 12.0 or later (Universal Binary)
  file size:
6.8 MB
  filename:
SuspiciousPackage.dmg
  7 screenshots:
Suspicious Package - Inspect macOS installer packages without running themSuspicious Package - See all contained files and inspect themSuspicious Package - You can use Quick Look to inspect contained files and appsSuspicious Package - screenshot #4Suspicious Package - screenshot #5Suspicious Package - screenshot #6Suspicious Package - screenshot #7
  main category:
Utilities
  developer:
  visit homepage