Android physical dumps parsing with Encase Forensic
As mentioned before, classical tools for computer forensics also increase their functionality in the examination of mobile devices. This is due to the fact that every year the number of mobile devices that come for examination to forensic laboratories increases. It means that experts need software for their analysis. Encase Forensic is following this trend. If we take a look at User Manual Encase Forensic, we can see that one third of this document is dedicated to the mobile devices' data extraction and analysis, their physical dumps, and backups. Encase Forensic can extract data from Android mobile devices and analyze their backups and physical dumps.
In this chapter, we will describe the analysis of an Android mobile device’s backup via Encase Forensic.
Getting ready
Unfortunately, there is no public trial version of this program. It is possible to receive the license of the program for a certain period from resellers and partners of the...
