April 2020
Intermediate to advanced
400 pages
10h 12m
English
book
Practical Mobile Forensics - Fourth Edition
by Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty
Content preview from Practical Mobile Forensics - Fourth Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Downloaded third-party applications
Third-party applications that are downloaded and installed from the App Store—including applications such as Facebook, WhatsApp, Viber, Threema, Tango, Skype, and Gmail—contain a wealth of information that is useful for an investigation. Some third-party applications use Base64 encoding, which needs to be converted for viewing purposes as well as encryption. Applications that encrypt the database file may prevent you from accessing the data residing in the tables. Encryption varies among these applications, based on the application and iOS versions.
A subdirectory with a universally unique identifier (UUID) is created for each application that is installed on the device in the /private/var/mobile/Containers/Data/Application ...