Learning Android Forensics

By: Rohit Tamma, Donnie Tindall

Table of Contents (15 chapters)

Chapter 7. Forensic Analysis of Android Applications

This chapter covers application analysis using free and open source tools. It focuses on analyzing the data that would be recovered using any of the logical or physical techniques detailed in Chapter 4 and Chapter 5. It also relies heavily on the storage methods discussed in Chapter 2. We will see numerous SQLite databases, XML files, and other file types from various locations within the file hierarchy described in the second chapter. By the end of this chapter, you should be familiar with the following topics:

  • An overview of application analysis:

    • Contacts/Calls/SMS

    • Wi-Fi

    • User dictionary

  • Third-party applications and the various methods that popular applications use to store and obfuscate data, listed as follows:

    • Plain text

    • Epoch time

    • WebKit time

    • Misnaming file extensions

    • Julian dates

    • Base64 encoding

    • Encryption

    • Basic steganography

    • SQLCipher

  • Basic application reverse engineering