Notifications

Clear all

N00b - Free Mobile tools

General (Technical, Procedural, Software, Hardware etc.)

Last Post by nlpd120 12 years ago

7 Posts

6 Users

0 Reactions

882 Views

RSS

dvdmorera

(@dvdmorera)

New Member

Joined: 13 years ago

Posts: 2

Topic starter 21/10/2013 7:27 pm [#11134]

N00b here. I starting with forensics and I am working on a project to do a forensic analysis on Android phones including deleted data and memory dump. Any suggestions on free tools or demos I can use? I looked around and there is not a whole lot I can see.

Any help is appreciated.

Quote

LilPopps21

(@lilpopps21)

Active Member

Joined: 15 years ago

Posts: 9

21/10/2013 8:12 pm

Hey,

For Android memory acquisition have a look at Linux Memory Extractor (LiME).

As far as open source tools for Android you can check out Via Forensics's Santoku (free linux distro for mobile forensics) and Open Source Android Forensics (OSAF).

As for accessing deleted content, it depends what content you are looking for. If it's data stored on the SD Card (pictures, application data, etc.) you can acquire the card with FTK Imager, dd, or any other acquisition tool and then use a data carving program like photorec, scalpel, or foremost.

If rooting the device is a possibility, you will have additional options such as extracting the text message database and using sqlite and a hex editor to try to identify and recover deleted content. Unfortunately this is a manual and time consuming process but it will also help you learn a great deal.

Hope this points you in the right direction, good luck!

ReplyQuote

Alistair

(@alistair)

Eminent Member

Joined: 13 years ago

Posts: 23

22/10/2013 4:52 am

In addition to what LilPopps21 said you can also use TSK (The sleuth kit) or it's GUI based version Autopsy.

ReplyQuote

dvdmorera

(@dvdmorera)

New Member

Joined: 13 years ago

Posts: 2

Topic starter 22/10/2013 7:05 pm

Thanks guys. I really appreciate it.

I'm still getting used to the forum, so if I need to award points, let me know. Thanks again.

ReplyQuote

Adam10541

(@adam10541)

Honorable Member

Joined: 14 years ago

Posts: 550

24/10/2013 6:44 am

You used to be able to get a 6 month free trial of Oxygen Forensics for mobile phones. Not sure if you still can but that would be worth a look too.

ReplyQuote

avrilcory

(@avrilcory)

New Member

Joined: 12 years ago

Posts: 2

23/12/2013 3:20 pm

I read you post find more information. Best prototyping tool to create clickable wireframes and web apps 100% free forever because always reference links. Thanks for sharing with us.

Thanking you !!!
Quantel

ReplyQuote

nlpd120

(@nlpd120)

Trusted Member

Joined: 16 years ago

Posts: 96

30/12/2013 10:12 pm

You may want to consider getting a copy of Andrew Hoog's book on Android Forensics. I know it is dated, but it still contains pertinent information. Speaking of demos You should also try to get a demo of Susteen's Secure View3 as well http//www.secureview.us/request-info . I second looking at using Linux forensic boot discs (i.e. Santoku and Paladin) or AccessData's FTK Imager (FTK Imager will require a hardware or software write blocker unless you can lock the card) for imaging the micro SD Card. You may also be able to use these tools to view the logical portion of the connected device.

Disclaimer I am a contract instructor for Sumuri, LLC

Regards,

Chris Currier

ReplyQuote