Serialization is the process of converting in-memory data objects into a form that can be stored on disk (or sent over a network) and later reconstructed. The important property is that the original type of each object is preserved: we can serialize dictionaries, lists, integers, or strings into a file and, when we deserialize that file later, get the same dictionaries, lists, integers, and strings back. Compare this with writing the same objects to a plain text file: as we know, reading a text file gives us back a string, and rebuilding the original objects from that string would mean parsing them ourselves, which is neither easy nor reliable.
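As an added example (not code from the original text), here is the contrast just described using Python's json module: the same dictionary written with str() to a text file comes back as one string, while the JSON round trip gives back a dict with its integers, lists, and booleans intact. The record contents and file names are constructed for the illustration.

```python
import json
import tempfile
from pathlib import Path


# Constructed sample record: a mix of the basic types the text mentions.
RECORD = {
    "account": "alice",
    "login_count": 42,
    "last_ips": ["10.0.0.5", "10.0.0.9"],
    "verified": True,
}


def round_trip_text(obj, path):
    """Write str(obj) to a plain text file and read it back.

    Whatever went in, reading a text file only yields one string;
    the dict, its integer and its list are gone as Python objects.
    """
    path.write_text(str(obj), encoding="utf-8")
    return path.read_text(encoding="utf-8")


def round_trip_json(obj, path):
    """Serialize obj as JSON to a file, then deserialize it again.

    json.dump/json.load preserve dict, list, int, str, bool and None,
    so the object comes back with its original structure and types.
    """
    with path.open("w", encoding="utf-8") as fh:
        json.dump(obj, fh)
    with path.open("r", encoding="utf-8") as fh:
        return json.load(fh)


def demo():
    """Return (text_result, json_result) for RECORD written to temp files."""
    with tempfile.TemporaryDirectory() as tmp:
        tmpdir = Path(tmp)
        text_back = round_trip_text(RECORD, tmpdir / "record.txt")
        json_back = round_trip_json(RECORD, tmpdir / "record.json")
    return text_back, json_back


if __name__ == "__main__":
    text_back, json_back = demo()
    print("text file gave back:", type(text_back).__name__)
    print("json file gave back:", type(json_back).__name__,
          "equal to original:", json_back == RECORD)
```

JSON covers the basic types listed above but not arbitrary Python objects. Python's pickle module can serialize those, but loading a pickle executes code embedded in it, so it should never be used on files of unknown origin such as evidence.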
XML and JSON are the two most common plain text-encoded serialization formats, and you may already be accustomed to analyzing such files in forensic investigations. Analysts familiar with mobile device forensics will likely recognize application-specific XML files containing account or configuration details. Let's look at how we can leverage Python to parse XML and...
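As an added example (not from the original text), the following parses a constructed XML file modelled on the Android SharedPreferences layout, where each child of <map> carries a name attribute and a typed value, and a constructed JSON configuration. The key names, values and the example app details are invented for the illustration; only the standard library is used.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample modelled on an Android SharedPreferences file.
SAMPLE_XML = """<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice@example.com</string>
    <int name="sync_interval" value="300" />
    <boolean name="remember_me" value="true" />
    <long name="last_sync" value="1700000000000" />
</map>
"""

# Constructed sample of a JSON-encoded application configuration.
SAMPLE_JSON = """{
    "account": {"user": "alice@example.com", "token_present": true},
    "servers": ["api.example.com", "backup.example.com"],
    "retries": 3
}"""


def parse_shared_prefs(xml_data):
    """Parse SharedPreferences-style XML into a dict of typed values.

    <string> holds its value as element text; <int>, <long>, <float> and
    <boolean> carry it in a value attribute. Unknown elements are kept as
    their raw XML so nothing in the file is silently dropped.
    """
    if isinstance(xml_data, str):
        # ElementTree is happiest with bytes when a declaration is present.
        xml_data = xml_data.encode("utf-8")
    root = ET.fromstring(xml_data)
    if root.tag != "map":
        raise ValueError(f"unexpected root element: {root.tag!r}")

    converters = {
        "string": lambda e: e.text or "",
        "int": lambda e: int(e.get("value")),
        "long": lambda e: int(e.get("value")),
        "float": lambda e: float(e.get("value")),
        "boolean": lambda e: e.get("value") == "true",
    }
    prefs = {}
    for elem in root:
        name = elem.get("name")
        convert = converters.get(elem.tag)
        if name is None or convert is None:
            prefs[name or elem.tag] = ET.tostring(elem, encoding="unicode").strip()
            continue
        prefs[name] = convert(elem)
    return prefs


def parse_json_config(json_text):
    """Deserialize a JSON config; values come back as dict/list/int/bool/str."""
    return json.loads(json_text)


if __name__ == "__main__":
    for key, value in parse_shared_prefs(SAMPLE_XML).items():
        print(f"{key:15} {type(value).__name__:6} {value!r}")
    cfg = parse_json_config(SAMPLE_JSON)
    print(cfg["servers"], type(cfg["retries"]).__name__)
```

Both parsers return ordinary Python objects, so the extracted values keep their types and can be compared, filtered, or re-serialized to JSON for a report. One caveat for evidence of unknown origin: the xml.etree documentation warns that the parser is exposed to entity-expansion attacks such as billion laughs, and the defusedxml package is the usual hardened drop-in when that matters.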