Aug 10, 2014 - The toolkit includes all kinds of forensic tools, cables, kits, and of course. Believe it or not, there are even versions of Linux designed specifically for mobile forensics. By the group ViaForensics out of Chicago, and Open Source Android. OS you will need to download and install the tools I demonstrate. Join Sandra Toner for an in-depth discussion in this video, Checking out open-source forensic tools, part of Learning Computer Security Investigation and Response.
Android Forensics: Investigation, Analysis, and Mobile Security for Google Android provides the background, techniques and analysis tools you need to effectively investigate an Android phone. This book offers a thorough review of the Android platform, including the core hardware and software components, file systems and data structures, data security considerations, and forensic acquisition techniques and strategies for the subsequent analysis required. This book is ideal for the classroom as it teaches readers not only how to forensically acquire Android devices but also how to apply actual forensic techniques to recover data.
The book lays a heavy emphasis on open source tools and step-by-step examples and includes information about Android applications needed for forensic investigations. It is organized into seven chapters that cover the history of the Android platform and its internationalization; the Android Open Source Project (AOSP) and the Android Market; a brief tutorial on Linux and Android forensics; and how to create an Ubuntu-based virtual machine (VM). The book also considers a wide array of Android-supported hardware and device types, the various Android releases, the Android software development kit (SDK), the Dalvik VM, key components of Android security, and other fundamental concepts related to Android forensics, such as the Android debug bridge and the USB debugging setting. In addition, it analyzes how data are stored on an Android device and describes strategies and specific utilities that a forensic analyst or security engineer can use to examine an acquired Android device.
Core Android developers and manufacturers, app developers, corporate security officers, and anyone with limited forensic experience will find this book extremely useful. It will also appeal to computer forensic and incident response professionals, including commercial/private sector contractors, consultants, and those in federal government.
AFLogical OSE: Open source Android Forensics app and framework
The Open Source Edition has been released for use by non-law enforcement personnel, Android aficionados, and forensics gurus alike. It allows an examiner to extract CallLog Calls, Contacts Phones, MMS messages, MMSParts, and SMS messages from Android devices. The full AFLogical software is available free for Law Enforcement personnel. More information is available at https://www.nowsecure.com/
Compile or download the latest apk. Alternatively, AFLogical OSE comes pre-installed in Santoku Linux.
Then install the apk file to your device. Either copy the apk to your device and run it on the device, or install it with adb:
adb install AFLogical-OSE_1.5.2.apk
On your Android device, open the AFLogical OSE application, choose what data you want to extract, and follow the prompts to extract the data. Note: You must have an SD card installed on your device (or a built-in SD card) to extract the data.
The selected data is then extracted to your SD card (external or internal).
You can then copy the data from your SD card to your computer to view the content, either by removing the external SD Card and connecting it to your computer, or using adb pull.
Your extracted data is in your ~/Desktop/AFLogical_Phone_Data directory.
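The copy step above, as an added shell example that is not part of the AFLogical OSE project: it pulls the extraction with adb pull and, going one step beyond the text, records a SHA-256 manifest of the pulled files so later changes to the working copy can be detected. The function names, the manifest location and the device-side folder argument are assumptions; pass the folder the app reports on your device.

```shell
#!/bin/sh
# Added example, not AFLogical OSE project code. Requires adb and sha256sum.
# The device-side folder is NOT hard-coded: pass the folder the app reports.

# write_manifest DIR MANIFEST: hash every file under DIR, sorted by path.
# MANIFEST must live outside DIR so it is not hashed into itself.
write_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 ) > "$2"
}

# verify_manifest DIR MANIFEST: succeed only if DIR still matches MANIFEST.
# Re-hashing and comparing catches modified, deleted and added files.
verify_manifest() {
    tmp=$(mktemp) || return 1
    if write_manifest "$1" "$tmp" && cmp -s "$tmp" "$2"; then rc=0; else rc=1; fi
    rm -f "$tmp"
    return "$rc"
}

# acquire DEVICE_DIR LOCAL_DIR: pull the extraction, then write LOCAL_DIR.sha256.
acquire() {
    device_dir=$1
    local_dir=${2%/}
    manifest="$local_dir.sha256"
    mkdir -p "$local_dir" || return 1
    adb pull "$device_dir" "$local_dir" || return 1
    write_manifest "$local_dir" "$manifest" || return 1
    echo "pulled $(wc -l < "$manifest") files; manifest: $manifest"
}

# Usage: sh acquire.sh <device-folder> ~/Desktop/AFLogical_Phone_Data
if [ "$#" -eq 2 ]; then
    acquire "$1" "$2"
fi
```

Run verify_manifest against the same directory and manifest before each analysis session; a non-zero exit status means the working copy no longer matches what was pulled.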
If you would like to contribute code, please fork this repository, make your changes, and then submit a pull-request.