O'Reilly logo

Learning iOS Forensics - Second Edition by Pasquale Stirparo, Mattia Epifani

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Application analysis

When analyzing an application, you need to look at all its activities and interactions with the system by analyzing all the traces and artifacts left on the system while it was running and after it has run and to/from the system. This means being able to understand how and with whom the application communicates by sending and receiving data. Therefore, you need to look at the three states where data can exist. The following are the three states where data can exist:

Data at rest

With data at rest, we refer to all the data recorded on storage media; in our case, on the mobile device's internal memory. These are the plist files, the sqlite databases, logs, and any other information we can retrieve directly from the media itself. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required