You're reading from iOS Forensics for Investigators Take mobile forensics to the next level by analyzing, extracting, and reporting sensitive evidence

Product type Paperback

Published in May 2022

Publisher Packt

ISBN-13 9781803234083

Length 316 pages

Edition 1st Edition

Tools

iOS

Concepts

Forensics

Author (1):

Gianluca Tiepolo

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1 – Data Acquisition from iOS Devices

2. Chapter 1: Introducing iOS Forensics FREE CHAPTER

3. Chapter 2: Data Acquisition from iOS Devices

4. Section 2 – iOS Data Analysis

5. Chapter 3: Using Forensic Tools

6. Chapter 4: Working with Common iOS Artifacts

7. Chapter 5: Pattern-of-Life Forensics

8. Chapter 6: Dissecting Location Data

9. Chapter 7: Analyzing Connectivity Data

10. Chapter 8: Email and Messaging Forensics

11. Chapter 9: Photo, Video, and Audio Forensics

12. Chapter 10: Analyzing Third-Party Apps

13. Chapter 11: Locked Devices, iTunes Backups, and iCloud Forensics

14. Section 3 – Reporting

15. Chapter 12: Writing a Forensic Report and Building a Timeline

16. Other Books You May Enjoy

Chapter 11: Locked Devices, iTunes Backups, and iCloud Forensics

Up to this point in the book, we have learned how to perform an iOS acquisition using different methods and how to analyze the extracted data to gain meaningful insights, such as interpreting location artifacts, parsing through media files, or analyzing pattern-of-life data. Everything we have covered so far relies on the fact that the iOS device that is being examined is unlocked, or the passcode is known; however, this is not always the case. There are some occasions in which the investigator may have to deal with locked devices, and that will be the focus of this chapter.

We will start the chapter by learning how to deal with locked devices, what options the examiner has, and how to attempt passcode cracking. Then, we will discuss Before First Unlock (BFU) acquisitions and learn what kind of data we can expect to find in such extractions. Later on in the chapter, we will introduce iTunes backups and we will learn...

The rest of the chapter is locked

You're reading from iOS Forensics for Investigators Take mobile forensics to the next level by analyzing, extracting, and reporting sensitive evidence

Table of Contents (17) Chapters

Chapter 11: Locked Devices, iTunes Backups, and iCloud Forensics

Authors (1)

Personalised recommendations for you

You're reading from iOS Forensics for Investigators Take mobile forensics to the next level by analyzing, extracting, and reporting sensitive evidence

Table of Contents (17) Chapters

Chapter 11: Locked Devices, iTunes Backups, and iCloud Forensics

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you