April 2020
Intermediate to advanced
400 pages
10h 12m
English
book
Practical Mobile Forensics - Fourth Edition
by Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty
Content preview from Practical Mobile Forensics - Fourth Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Analyzing and extracting data from Android image files using the Autopsy tool
The term Android image refers to the physical image (also called a forensic image or raw image) that is obtained by performing any of the physical data extraction techniques. Using the techniques explained in Chapter 9, Android Data Extraction Techniques, you can image the entire /data/data block or any particular block that is of relevance to the investigation. Once the image is obtained, an investigator like you can manually go through the contents of the file or take advantage of the available tools to parse through the contents. Commercial tools, such as Cellebrite and XRY, can drill into the data and present a comprehensive picture of the contents. Autopsy ...