Hi,
Firstly a courteous hello as this is my first post on this very informative forum.
However I am in need of advice.
I am a work placement student on my placement as part of my Forensic Computing Degree, very little is covered in regards to the mobile side of forensics on the course.
I started my placement two weeks ago, which involves mobile and PC investigations.
I am looking for advice on recommendations in regards to the software and hardware involved in "hex dumping" of the mobile handset.
What do the experts use for the extraction and then subsequent analysis of the dumps.
The reason I ask is I will be advising on the purchases of these products, so any help would be greatly appreciated.
Thank you
Simon
To be honest, the majority of people performing mobile device forensics do not analyze physical hex dumps. I'm not saying there aren't people who do, but by and large it's not common practice. First, because it requires a level of sophistication, training and knowledge which far surpasses the average LEO and also because the software which is able to perform physical acquisitions of mobile devices is not as prevalent as software which can do logical only acquisitions.
The best platform I've seen for doing physical grabs of a mobile device's memory is Microsystemation's XACT (http//
Jeff
AccessData has a mobile device examiner that requires FTK 2.0.
Of course there are others
Check out
I have been looking at XACT earlier, and seems like a good piece of equipment.
I have been recommended from a phone forensics forum, that using a phone flasher such as Shu-Box http//
We are awaiting the delivery of Oxygen at the moment for sim-card extraction etc..
I really appreciate the help guys and will research what you have said )
Thank you