Learning Android Forensics

A hands-on guide to Android forensics, from setting up the forensic workstation to analyzing key forensic artifacts

Rohit Tamma, Donnie Tindall

Book Details

ISBN 13: 9781782174578
Paperback: 322 pages

Book Description

Many forensic examiners rely on commercial, push-button tools to retrieve and analyze data, even though there is no tool that does either of these jobs perfectly. This book will introduce you to the Android platform and its architecture, and provide a high-level overview of what Android forensics entails. You will see how data is stored on Android devices and how to set up a digital forensic examination environment. Next, you will go through the various physical and logical techniques to extract data from devices to obtain forensic evidence. You will also learn how to reverse-engineer applications and forensically analyze the data with the help of various open source and commercial tools.

By the end of this book, you will have a complete understanding of the Android forensic process.

Table of Contents

Chapter 1: Introducing Android Forensics
Mobile forensics
The mobile forensics approach
Challenges in mobile forensics
The Android architecture
Android security
Chapter 2: Setting Up an Android Forensic Environment
The Android forensic setup
The Android SDK
Connecting and accessing an Android device from the workstation
Android Debug Bridge
Rooting Android
ADB on a rooted device
Summary
Chapter 3: Understanding Data Storage on Android Devices
Android partition layout
Android file hierarchy
Application data storage on the device
Android filesystem overview
Summary
Chapter 4: Extracting Data Logically from Android Devices
Logical extraction overview
Manual ADB data extraction
ADB backup extractions
ADB Dumpsys
Bypassing Android lock screens
Cracking an Android pattern lock
Android SIM card extractions
Issues and opportunities with Android Lollipop
Summary
Chapter 5: Extracting Data Physically from Android Devices
Physical extraction overview
Extracting data physically with dd
Extracting data physically with nanddump
Analyzing a full physical image
Imaging and analyzing Android RAM
Acquiring Android SD cards
Advanced forensic methods
Summary
Chapter 6: Recovering Deleted Data from an Android Device
An overview of data recovery
Recovering data deleted from an SD card
Recovering data deleted from internal memory
Analyzing backups
Summary
Chapter 7: Forensic Analysis of Android Applications
Application analysis
Determining what apps are installed
Wi-Fi analysis
Contacts/call analysis
SMS/MMS analysis
User dictionary analysis
Gmail analysis
Google Chrome analysis
Google Maps analysis
Google Hangouts analysis
Google Keep analysis
Google Plus analysis
Facebook analysis
Facebook Messenger analysis
Skype analysis
Snapchat analysis
Viber analysis
Tango analysis
WhatsApp analysis
Kik analysis
WeChat analysis
Application reverse engineering
Summary
Chapter 8: Android Forensic Tools Overview
ViaExtract
Autopsy
ViaLab Community Edition
Summary
Conclusion

What You Will Learn

  • Understand the Android system architecture and its significance for Android forensics
  • Build a forensically sound workstation
  • Utilize ADB to acquire data
  • Bypass Android security such as PINs and passwords
  • Perform both logical and full physical extractions to retrieve data
  • Reverse-engineer applications
  • Analyze data from many popular applications including Gmail, WhatsApp, and Snapchat
  • Discover free and open source tools to aid in data acquisition and analysis
