Why is it essential for an examiner to get some files of interest from an iOS device? All activities of an iOS device user are stored inside the device...
What are the files of interest in the first place? Extraction of applications,photos,passwords – iOS forensics – There are several directories that one can find for investigation purposes inside...
Artifacts of an IOS device plist file: This important file is located inside the folder of the root application. Relevant information about the device of interest may be revealed from...
Analysis of AddressBook and Call History data Analysis of artifacts on iOS devices Throughout the following paragraphs, I will be going through a discussion about the objects on an...
SQLite Databases and Plist Files What about partitions? Partitions are the components on which different data could get stored inside a device. It comes without saying that the mechanisms...
How to acquire iOS data using physical acquisition techniques? Acquiring a bit by bit image of a system is always the best case in favor of someone performing forensics...