Android Free Forensic Toolkit [Alpha]

Hi guys.

I'm writing a toolkit to help automate the imaging process and ease the analysis of communications and activity. It's totally free to download, although I cant guarantee everything will work as of yet (hence, alpha release).

If you are wondering why the last non-packaging commit was so long ago, that was because of my masters degree, which I have now (mostly) finished. Work will resume on the project as soon as I am back from Holland.

Current feature set

- Assists in imaging via dd (any method of gaining root access can be used, I prefer temp-booting devices to the TWRP recovery image myself)
- Mounts images in a forensically safe manner (Linux only)
- Extracts and analyses databases from a number of Android Applications (primarily social media at this time)
- Maintains a database of the 'getprop' settings at the time of imaging, can be used to prove some of the conditions under which the device was imaged
- Creates HTML reports of user activity by application, translating the data from the databases into human-readable information
- Creates a timeline of recorded usage of said applications in both HTML and SQLite database format

TODO

- Dropbox support
- Option for filesystem timeline
- Support for encrypted filesystems

You can find the latest Windows binary in the repository (https://github.com/AFFT-520/Android-Free-Forensic-Toolkit/blob/master/dist/Alpha3/Android_Free_Forensic_Toolkit_Alpha_3.exe). This program will work on Linux and *should* work on OSX (I don't have a Mac to test it on).

Let me know what you think.