Book Image

Learning Android Forensics

By : Rohit Tamma, Donnie Tindall
Book Image

Learning Android Forensics

By: Rohit Tamma, Donnie Tindall

Overview of this book

Table of Contents (15 chapters)
Learning Android Forensics
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

ViaExtract


ViaExtract is a logical and physical extraction tool created by NowSecure (formerly known as ViaForensics). Logical acquisitions (including backups) are available with the free version, while the paid version adds physical extractions. It is freely distributed inside of a virtual machine file (either VMWare or Virtual Box formats) running NowSecure's Santoku Linux distribution. An active Internet connection is required while using the free version. The download and full feature list can be found at https://www.nowsecure.com/forensics/community/. Registration is required.

The icons to register the tool and launch ViaExtract can be found on the desktop of the ViaExtract virtual machine:

Before launching ViaExtract, ensure that the device to be examined is connected to the computer via a USB. This will ensure that the device is detected. The device will also need to be powered on. Note the appropriate network-isolation measures as discussed in Chapter 1, Introducing Android Forensics...