Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Practical Mobile Forensics Forensically investigate and analyze iOS, Android, and Windows 10 devices

Product type Paperback

Published in Apr 2020

Publisher Packt

ISBN-13 9781838647520

Length 400 pages

Edition 4th Edition

Languages

Swift

Tools

Android

Concepts

Forensics

Authors (4):

Heather Mahalik

Oleg Skulkin

Rohit Tamma

Satish Bommisetty

View More author details

Table of Contents (18) Chapters

Preface

1. Introduction to Mobile Forensics

2. Section 1: iOS Forensics FREE CHAPTER

3. Understanding the Internals of iOS Devices

4. Data Acquisition from iOS Devices

5. Data Acquisition from iOS Backups

6. iOS Data Analysis and Recovery

7. iOS Forensic Tools

8. Section 2: Android Forensics

9. Understanding Android

10. Android Forensic Setup and Pre-Data Extraction Techniques

11. Android Data Extraction Techniques

12. Android Data Analysis and Recovery

13. Android App Analysis, Malware, and Reverse Engineering

14. Section 3: Windows Forensics and Third-Party Apps

15. Windows Phone Forensics

16. Parsing Third-Party Application Files

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

Interpreting iOS timestamps

Before examining the data, it is important to understand different timestamp formats that are used on iOS devices. Timestamps found on iOS devices are presented either in the Unix timestamp or Mac absolute time format. You, as the examiner, must ensure that the tools properly convert the timestamps. Access to the raw SQLite files will allow you to verify these timestamps manually. You'll learn how to decode each timestamp format in the next few sections.

Unix timestamps

A Unix timestamp is the number of seconds that have elapsed since Unix epoch time, which started at midnight on January 1, 1970. A Unix timestamp can be converted easily, using the date command on a Mac workstation or using...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (4)

Rohit Tamma

Rohit Tamma is a senior program manager currently working with Microsoft. With over 10 years of experience in the field of security, his background spans management and technical consulting roles in the areas of application and cloud security, mobile security, penetration testing, and secure coding. Rohit has also co-authored Learning Android Forensics, from Packt, which explain various ways to perform forensics on mobile platforms. You can contact him on Twitter at @RohitTamma.

See other products by Rohit Tamma

Mahalik

Heather Mahalik is the senior director of digital intelligence at Cellebrite. She is a senior instructor and author for the SANS Institute, and she is also the course lead for the FOR585 Smartphone Forensic Analysis In-Depth course. With 18 years of experience in digital forensics, she continues to thrive on smartphone investigations, digital forensics, forensic course development and instruction, and research on application analysis and smartphone forensics.

See other products by Mahalik

Satish Bommisetty

Satish Bommisetty is a security architect currently working with JDA. His primary areas of interest include web and mobile application security, cloud security, and iOS forensics. He has presented at security conferences, such as ClubHACK and C0C0n. Satish is one of the top bug bounty hunters and is listed in the halls of fame of Google, Facebook, PayPal, Microsoft, Yahoo, Salesforce, and more, for identifying and reporting their security vulnerabilities. You can reach him on Twitter at @satishb3.

See other products by Satish Bommisetty

Oleg Skulkin

Oleg Skulkin is the Head of Digital Forensics and Malware Analysis Laboratory at Group-IB. Oleg has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research for over a decade, fueling his passion for uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers, and books on related topics and holds GCFA and GCTI certifications.

See other products by Oleg Skulkin