Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Learning Android Forensics Analyze Android devices with the latest forensic tools and techniques

Product type Paperback

Published in Dec 2018

Publisher

ISBN-13 9781789131017

Length 328 pages

Edition 2nd Edition

Languages

Java

Tools

Android

Concepts

Forensics

Authors (3):

Oleg Skulkin

Donnie Tindall

Rohit Tamma

View More author details

Table of Contents (12) Chapters

Preface

1. Introducing Android Forensics

2. Setting up the Android Forensic Environment FREE CHAPTER

3. Understanding Data Storage on Android Devices

4. Extracting Data Logically from Android Devices

5. Extracting Data Physically from Android Devices

6. Recovering Deleted Data from an Android Device

7. Forensic Analysis of Android Applications

8. Android Forensic Tools Overview

9. Identifying Android Malware

10. Android Malware Analysis

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Extracting data physically with dd

The dd command should be familiar to any examiner who has done traditional hard drive forensics. dd is a Linux command-line utility used by definition to convert and copy files, but is frequently used in forensics to create bit-by-bit images of entire drives. Many variations of dd also exist and are commonly used, such as dcfldd, dc3dd, ddrescue, and dccidd. As dd is built for Linux-based systems, it is frequently included on Android platforms. This means that a method for creating an image of the device often already exists on the device!

The dd command has many options that can be set; only the forensically important options are going to be covered in the following list. A full list of command options can be found at http://man7.org/linux/man-pages/man1/dd.1.html. The format of the dd command is as follows:

dd if=/dev/block/mmcblk0 of=/sdcard...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (3)

Oleg Skulkin

Oleg Skulkin is the Head of Digital Forensics and Malware Analysis Laboratory at Group-IB. Oleg has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research for over a decade, fueling his passion for uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers, and books on related topics and holds GCFA and GCTI certifications.

See other products by Oleg Skulkin

Tindall

Donnie Tindall is a Principal Incident Response Consultant with the Crypsis Group, where he handles incident response engagements encompassing the full lifecycle of cyber security events. His corporate and consulting background is primarily in conducting sensitive forensics examinations for federal government clients, particularly the U.S. military and the Intelligence Community. Before moving into Incident Response, Donnie had an extensive background in mobile forensics, application security research, and exploitation. He is also an IACIS Certified Forensic Computer Examiner and former Community Instructor of FOR585, the SANS Institute's smartphone forensics course.

See other products by Tindall

Rohit Tamma

Rohit Tamma is a senior program manager currently working with Microsoft. With over 10 years of experience in the field of security, his background spans management and technical consulting roles in the areas of application and cloud security, mobile security, penetration testing, and secure coding. Rohit has also co-authored Learning Android Forensics, from Packt, which explain various ways to perform forensics on mobile platforms. You can contact him on Twitter at @RohitTamma.

See other products by Rohit Tamma