Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Practical Mobile Forensics

You're reading from Practical Mobile Forensics A hands-on guide to mastering mobile forensics for the iOS, Android, and the Windows Phone platforms

Product type Paperback

Published in Jan 2018

Publisher

ISBN-13 9781788839198

Length 402 pages

Edition 3rd Edition

Tools

Android

Concepts

Forensics

Authors (2):

Mahalik

Satish Bommisetty

View More author details

Table of Contents (19) Chapters

Title Page

Copyright and Credits

Packt Upsell

Contributors

Preface

1. Introduction to Mobile Forensics FREE CHAPTER

2. Understanding the Internals of iOS Devices

3. Data Acquisition from iOS Devices

4. Data Acquisition from iOS Backups

5. iOS Data Analysis and Recovery

6. iOS Forensic Tools

7. Understanding Android

8. Android Forensic Setup and Pre-Data Extraction Techniques

9. Android Data Extraction Techniques

10. Android Data Analysis and Recovery

11. Android App Analysis, Malware, and Reverse Engineering

12. Windows Phone Forensics

13. Parsing Third-Party Application Files

1. Other Books You May Enjoy

Leave a review - let other readers know what you think

Physical acquisition

iOS devices have two types of memory—volatile (RAM) and non-volatile (NAND Flash). RAM is used to load and execute the key parts of the operating system or the application. The data stored in the RAM is lost after a device reboots. RAM usually contains very important application information, such as active applications, usernames, passwords, and encryption keys. Though the information stored in the RAM can be crucial in an investigation, currently there is no easy method or tool available to acquire the RAM memory from a live iPhone.

Unlike RAM, NAND is non-volatile memory and retains the data stored in it even after a device reboots. NAND flash is the main storage area, and contains the system files and user data (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-101r1.pdf). This document, written by NIST, not only covers memory storage in mobile devices, but mobile device forensic practices in general.

The goal of physical acquisition is to perform a bit...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at £13.99/month. Cancel anytime

Authors (2)

Mahalik

Mahalik

Heather Mahalik is the senior director of digital intelligence at Cellebrite. She is a senior instructor and author for the SANS Institute, and she is also the course lead for the FOR585 Smartphone Forensic Analysis In-Depth course. With 18 years of experience in digital forensics, she continues to thrive on smartphone investigations, digital forensics, forensic course development and instruction, and research on application analysis and smartphone forensics.

See other products by Mahalik

Satish Bommisetty

Satish Bommisetty

Satish Bommisetty is a security architect currently working with JDA. His primary areas of interest include web and mobile application security, cloud security, and iOS forensics. He has presented at security conferences, such as ClubHACK and C0C0n. Satish is one of the top bug bounty hunters and is listed in the halls of fame of Google, Facebook, PayPal, Microsoft, Yahoo, Salesforce, and more, for identifying and reporting their security vulnerabilities. You can reach him on Twitter at @satishb3.

See other products by Satish Bommisetty

Other recommended products

Related to this chapter

Practical Mobile Forensics

Practical Mobile Forensics

Covering up-to-date mobile platforms, this book focuses on teaching you the most recent tools and techniques for investigating mobile devices. Readers will delve into a variety of mobile forensics techniques for iOS 11-13, Android 8-10 devices, and Windows 10.

Apr 2020 13h 20m

Mobile Forensics Cookbook

Mobile Forensics Cookbook

This book brings with it an array of practical recipes for performing forensic examinations on mobile devices. It will show you how to treat data extraction, recovering, and decoding data on the mobile operating systems such as Android, iOS, Windows Mobile, and BlackBerry OS.

Dec 2017 10h 4m

Learning Android Forensics

Learning Android Forensics

This book will introduce you to Android forensics helping you to set up a forensic environment, handle mobile evidence, analyze how and where common applications store their data. You will also learn to identify malware on a device, and how to analyze it.

Dec 2018 10h 56m

Windows Forensics Cookbook

Windows Forensics Cookbook

Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime. Whether talking about digital forensics conducted by law enforcement or a corporate security department, the simple fact is that forensics is difficult and there are always challenges to be faced.

Digital Forensics with Kali Linux

Digital Forensics with Kali Linux

Kali Linux is used mainly for penetration testing and digital forensics. This book will help you explore and unleash the tools available in Kali Linux for effective digital forensics investigations. Using practical examples, you will be able to make the most of forensics process such as investigation, evidence acquisition, and analysis.

Digital Forensics with Kali Linux

Digital Forensics with Kali Linux

Kali Linux is considered as a reliable source for penetration testing and digital forensics. This book will give readers hands-on experience in utilizing Kali Linux tools to implement all the pillars of digital forensics such as acquisition, extraction, analysis, and presentation.

Apr 2020 11h 8m

Learn Computer Forensics

Learn Computer Forensics

Computer forensics touches on a lot of skills - from answering legal or investigative questions to preparing for an investigation, evidence acquisition, and more. The goal of this book is to acquaint you with some of the forensic tools and techniques to successfully investigate cybercrimes, and become a proficient computer forensics investigator.

Apr 2020 12h 16m

Digital Forensics and Incident Response

Digital Forensics and Incident Response

An understanding of how digital forensics integrates with the overall response to cybersecurity incidents is a must for all organizations. This book offers concrete and detailed guidance on how to conduct the full spectrum of incident response and digital forensic activities.

Jan 2020 14h 56m

Digital Forensics and Incident Response

Digital Forensics and Incident Response

The staggeringly high number of security breaches reported in the last several years stresses the importance of an organization's ability to respond to attacks promptly. With this book, you'll learn forensic techniques and incident response fundamentals to investigate such incidents in your organization.

Jul 2017 10h 48m

Mastering Malware Analysis

Mastering Malware Analysis

Malware analysis is a powerful investigation technique widely used in various security areas including digital forensics and incident response processes. Working through practical examples, you'll be able to analyze any type of malware you may encounter within the modern world.

Jun 2019 18h 44m

Personalised recommendations for you

Based on your interests and search pattern

Cloud Security Handbook

Cloud Security Handbook

This book provides complete coverage of every cloud security aspect—from initial design to ongoing maintenance. Packed with best practices, it helps you smoothly transition to the public cloud, while keeping your environments secure and compliant.

Apr 2025 16h 4m

CompTIA CySA+ (CS0-003) Certification Guide

CompTIA CySA+ (CS0-003) Certification Guide

Prepare for CompTIA CySA+ (CS0-003) exam with this study guide—covering security ops, incident response, and vulnerability management in depth to level up your cybersecurity career. Includes exam-style questions, 2 practice tests, and flashcards.

Apr 2025 24h 44m

Cyber Security Kill Chain - Tactics and Strategies

Cyber Security Kill Chain - Tactics and Strategies

Learn how the cyber kill chain, a structured model that outlines the stages of a cyberattack, guides you through understanding threat actor behaviors and bolstering their ability to defend against evolving cyber threats.

May 2025 10h 16m