We are attackers, We are defenders, We are everywhere
Why is it essential for an examiner to get some files of interest from an iOS device? All activities of an iOS device user are stored inside the device in different formats and for various …
Continue Reading about Extraction of Cookies in iOS Forensics →
What are the files of interest in the first place? Extraction of applications,photos,passwords - iOS forensics - There are several directories that one can find for investigation purposes …
Continue Reading about Extraction of applications,photos,passwords – iOS forensics →
Artifacts of an IOS device plistĀ file: This important file is located inside the folder of the root application. Relevant information about the device of interest may be revealed …
Analysis of AddressBook and Call History data Analysis of artifacts on iOS devices Throughout the following paragraphs, I will be going through a discussion about the objects on an iOS …
Continue Reading about Analysis of AddressBook and Call History data →
SQLite Databases and Plist Files What about partitions? Partitions are the components on which different data could get stored inside a device. It comes without saying that the mechanisms …
How to acquire iOS data using physical acquisition techniques? Acquiring a bit by bit image of a system is always the best case in favor of someone performing forensics on a system. That is what …
