Open Source Android Forensics application now available
I'm happy to announce we just released the beta version of our OSS Android Forensics application. Full details are at
If you are interested in testing or contributing (we are looking for a few good Java developers), please contact me off list. Thank you…we hope that by released this as OSS, it is a service to the forensics community.
I look forward to having a play with this later!
Are you hoping for users to send feedback? Do you have a set of information you would want to know for each test such as software version on the handset and if the device was rooted or not?
Great. Yes, testing to make sure the app executes, stores the data and then how well it is stored would be very helpful. Know the model and Android version will allow us to test/recreate any issues. We have a lot of work to do (Unicode support, for example) but wanted to get this initial app posted. Thanks.
*Goes to dig out G1 and HTC Magic*
I assume this needs to be installed via the ADB?
Any particular settings that you recommend being on (Other than the typical 'Allow Unknown Sources' and 'USB debugging'
Correct, I install via adb (I will try hitting the .apk from the Internet directly). Try installing without "Allow Unknown Sources" first…I do not have that set on my Droid or a G1 and it works just fine. We will sign the .apk if needed to get around that (eventually).
Is there anyway to install the application without going through the ADB at all?
Obviously we do not want to download any file manager applications in a real investigation. It is one thing that I feel is lacking from 'droids, the ability to manage files is pretty handy!
No need to install file managers. Few points to consider
- You can download the .apk via the device's browser but in that case, you will need to enable the "Allow Unknown Applications" option. We will look into signing the .apk to avoid.
- If you install from adb, this is not an issue
- Once you run the application (the name is viaForensics), you can copy the .csv files out in 1 of three ways
1. Mount the SD Card on the computer via the device
2. adb pull /sdcard/forensics c\temp
3. Remove the SD Card and then attach directly to a computer
Definitely should not install a file manager.
My colleague has just been having a play and we can report success on a G1 running the following
Model Android Dev Phone 1
The build is a jesusfreke and the handset is rooted.
Looks like a promising project. My colleague will be attending your training course on Monday so I am sure the ways to work with the application and expand it will become clear!
But initial testing looks promising. Just sorting out the presentation of the data that will be entertaining!
Hi Andrew, I have a bunch of other content providers from 3rd party apps that I decompiled and investigated (notably the official Facebook app) le mw know if you want them!