Mobile phone forensics is always a concern when it comes to cyber crime. Most of the cyber crime cases involves mobile phone as an important part of the investigation. There are cases when you want to do forensics of your loved ones, not to keep an eye but to keep them safe threats. Researcher of Security Newspaper are always educating people on the different techniques used by Law Enforcement Agencies (LEA) to do forensics of hack systems, IOT devices, mobile phones and others.
Today we will talk about tool required for smart phone or mobile phone forensics. Some of them are commercial and some of them are open sources or free:
1. PList Editor
In the Mac OS X and iPhone OS, property list files are files that store serialized objects. Property list files are used to serialized object and uses extension .plist. This is used to read property list files.
2. Cellebrite Physical Analyser
This is used by many LEA (Law Enforcement Agencies) to uncover the mobile forensics of any smart phone. It uncovers examination of different types of mobile phones and with this you can dive deeper in the encrypted ones as well as unencrypted one.
The Cellebrite Universal Forensic Extraction Device (UFED) is also used by law enforcement Agencies to crack mobile phones. This unit cost around $6,000. It is software based solution for existing PC or Laptop.
4. DB Browser for SqLite
SqlLite is open source software used in mobile apps to store and retrieve data. This is light weight database used in all mobile applications. This browser will let you retrieve data associated with different apps.
5. Oxygen Forensics Detective
It is all in one Forensics tool to extract, decode and analyze data from many different devices like IOT, Mobile phones, Drone, media cards and others.
6. Magnet AXIOM
It is used by forensics investigators for investigations of malware, ransomware, phising, APT cases and others. This is used by organizations to acquire and analyze the evidences remotely using cloud platform to do forensics using tailored software.
It is a software package with a collection of tools required for smartphones forensics. Its features are:
- Lockscreen cracking for Pattern
- PIN code, or Password
- Custom decoders for Apps data from Android
- Extraction and decoders
It gives report in HTML and Excel formats.
When you connect your IPhone or Android mobile, this software will help you take backup of configuration of your mobile phone, SMS messages , call history and sound settings and many more. This comes pre loaded with built in:
- plist Editor
- Hex Editor
- Text Editor
- database viewer
- image viewer
- SMS message viewer
- notes viewer
- address book viewer
- media browser
It is free Hex Editor used to read binary files. It features are:
- It can load files partially
- Export hex dump to a file or to clipboard
- you can search text and binary values in dump
- Can be used to compare files
JADX (Dex to Java decompiler) It is command line utility and it has graphical user interface which can be used to generate Java source code from APK file & Android Dex.
11. Electronic Evidence Examiner (E3)
It is all in one digital forensics tool to do forensics of digital media. It features includes:
- Computer Forensics
- Smartphone Forensics
- Cloud Forensics
- Email Investigations
- Windows Artifacts
- Review & Report
In the next part we will cover more forensics tools for smart phones, with all these tools you can do forensics of any smart phone in this world.
Cyber Security Specialist with 18+ years of industry experience . Worked on the projects with AT&T, Citrix, Google, Conexant, IPolicy Networks (Tech Mahindra) and HFCL. Constantly keeping world update on the happening in Cyber Security Area.