Any free mobile pho...
 
Notifications
Clear all

Any free mobile phone DF suites?

GumStickStorage
(@gumstickstorage)
New Member

Hello all,

 

Ever since leaving uni, I've been struggling to play around with digital forensics, as most of the software was uni-exclusive and costs over $1000. Now while I can rely on FTK Imager and Autopsy, that doesn't seem to work well with Android phones. (I was using Magnet forensics tools before graduation)

 

Can any of you suggest any DF tools that will allow me to extract data out of a mobile phone, without putting me in more debt than I'm already in?

 

Thanks

Quote
Topic starter Posted : 30/04/2021 8:47 am
benfindlay
(@benfindlay)
Active Member

Are you on the latest version of Autopsy? From looking at the release notes ( https://github.com/sleuthkit/autopsy/releases/tag/autopsy-4.18.0 ), version 4.18 has a new “Android Analyzer (aLEAPP)” module to supplement the old "Android Anlayzer" module.

Also, there is Andriller ( https://github.com/den4uk/andriller ).

Magnet Acquire is a free acquisition utility which supports Android and iOS devices (although it's kept behind the Magnet support paywall). You can then examine the output in other tools.

And of course, there is Santoku ( https://santoku-linux.com/ ).

Hope this helps!

Ben

This post was modified 1 week ago by benfindlay
ReplyQuote
Posted : 30/04/2021 3:10 pm
GumStickStorage
(@gumstickstorage)
New Member

@benfindlay Hello, and thanks for the response.

 

Just had a look at my Autopsy, I have 4.12.0, so I'll have a look at updating it. However, I still have to make an image at least before I can index/ingest it to the suite? But then again, that's what Magnet Acquire is for. Santoku looks interesting so I'll have a look.

I think I tried to get Magnet Aquire but I need to show proof of employment (I assume in the Digital Forensics sector).

 

I'll keep looking around, but the other suggestions sound promising, so thanks.

 

ReplyQuote
Topic starter Posted : 30/04/2021 7:41 pm
UnallocatedClusters
(@unallocatedclusters)
Senior Member

1)  You can buy single phone licenses of MOBILedit Forensic Express for $99/phone.

 

2)  OSForensics by Passmark was my first forensic tool purchase 10+ years ago and is still a critical tool in my practice.

OSForensics is significantly less expensive than other forensic suites but is more powerful than other tools in many ways.

Make the purchase and you will not regret it.

(I have no affiliation with Passmark whatsoever)

ReplyQuote
Posted : 04/05/2021 7:21 pm
Share: