Suspicious Package is an installer inspection utility. It offers package content review and installation script analysis to help users safely inspect installer packages before execution. With a focus on security, it streamlines package validation for administrators and power users.
anchor apple generic and identifier "com.mothersruin.SuspiciousPackageApp" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "936EB786NH")