Any free mobile phone DF suites?
Ever since leaving uni, I've been struggling to play around with digital forensics, as most of the software was uni-exclusive and costs over $1000. Now while I can rely on FTK Imager and Autopsy, that doesn't seem to work well with Android phones. (I was using Magnet forensics tools before graduation)
Can any of you suggest any DF tools that will allow me to extract data out of a mobile phone, without putting me in more debt than I'm already in?
Are you on the latest version of Autopsy? From looking at the release notes ( https://github.com/sleuthkit/autopsy/releases/tag/autopsy-4.18.0 ), version 4.18 has a new “Android Analyzer (aLEAPP)” module to supplement the old "Android Anlayzer" module.
Also, there is Andriller ( https://github.com/den4uk/andriller ).
Magnet Acquire is a free acquisition utility which supports Android and iOS devices (although it's kept behind the Magnet support paywall). You can then examine the output in other tools.
And of course, there is Santoku ( https://santoku-linux.com/ ).
Hope this helps!
@benfindlay Hello, and thanks for the response.
Just had a look at my Autopsy, I have 4.12.0, so I'll have a look at updating it. However, I still have to make an image at least before I can index/ingest it to the suite? But then again, that's what Magnet Acquire is for. Santoku looks interesting so I'll have a look.
I think I tried to get Magnet Aquire but I need to show proof of employment (I assume in the Digital Forensics sector).
I'll keep looking around, but the other suggestions sound promising, so thanks.
1) You can buy single phone licenses of MOBILedit Forensic Express for $99/phone.
2) OSForensics by Passmark was my first forensic tool purchase 10+ years ago and is still a critical tool in my practice.
OSForensics is significantly less expensive than other forensic suites but is more powerful than other tools in many ways.
Make the purchase and you will not regret it.
(I have no affiliation with Passmark whatsoever)