Chapter 11. Android App Analysis, Malware, and Reverse Engineering
Smartphone users commonly rely on third-party applications, and Android users download and install several apps from app stores such as Google Play. During forensic investigations, it is often helpful to analyze these apps to retrieve valuable data and to detect any malware. For instance, a photo vault app might lock sensitive images present on a device, so knowing how to identify the passcode for that app is of great significance. Apps such as Facebook, WhatsApp, and Skype are also widely used these days, and they are often the source of valuable data that aids in cracking a case. Hence, it is important to know what kind of data these apps store and where that data is located. While the data extraction and data recovery techniques discussed in earlier chapters provide access to valuable data, app analysis helps us gain information about the specifics of an application...