[twodayslate]

https://mothersruin.com/software/SuspiciousPackage/ for those curious

[0xff00ffee]

Oooh this is good. A few years ago I came home drunk and wanted to watch this old film that wasn't on any channels. I found it on some dubious website, which required me to install a player .dmg. I drunkenly typed in my password, and then an hour later was like: dafuq did I just do?!? Next day I re-imaged my mac because I'm both paranoid and don't know enough about secops.

SuspiciousPackage wouldn't have helped combat Drunk Install Syndrome, but it might have been a helpful tool before I nuked my OS.

Or maybe this is just good marketing for SuspiciousPackage, which is really malware. Well played.

[mulmen]

If you don’t trust SuspiciousPackage just run it through SuspiciousPackage.

[JadeNB]

Similar functionality: unpkg (https://www.timdoug.com/unpkg/). See also https://stackoverflow.com/questions/11298855/how-to-unpack-a... . I think unpkg handles mpkg files, which I haven't encountered in the wild for quite a while now; I don't know about the others.

[paulschreiber]

Pacifist is also handy https://www.charlessoft.com/