Re: [sleuthkit-developers] Final year project
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-developers] Final year project
|
From: Brian C. <ca...@sl...> - 2013-12-04 03:49:18
|
Autopsy can ingest most Android images, but not all. Our experience has been that there are three types of data that you can get from a physical acquisition of an Android device depending on the acquisition method used: 1) A single image that has a partition table in the beginning and partitions with Ext4 or YAFFS2 file systems in them. Autopsy supports this. 2) A bunch of images of each partition. Autopsy supports this too, you just need to add each image. 3) A single image that doesn't have a partition table in the beginning and the offsets to each partition are hard coded somewhere else in a proprietary way. Autopsy doesn't support this unless you determine the partition boundaries and make logical images and then it is the same as #2 above. Once you have the file systems imported, you can make modules to collect the standard contact info (there are already blackboard artifacts and attributes to store this type of data) or focus on third-party apps. brian On Dec 2, 2013, at 3:32 PM, Wiktor Sypniewski <wik...@gm...> wrote: > Hi Guys, > > My name is Victor and I'm final year student in Dublin Institute of Technology. I would like to develop module for Autopsy as my final year project. > > I'm interested in mobile forensics. I would like to develop a module that would be able to browse/recover data from a mobile device running on Android. > > I'm not sure what kind of data I should be interested in? I think that Autopsy 3 can scan mobile device as if it was just a disc but is there anything else I should be looking for? > > Any help in getting me started with this will be greatly appreciated! > > Kindest Regards > Vic > > > > > Wiktor Sypniewski > +353862177331 > > www.bluegreenblack.com > ------------------------------------------------------------------------------ > Rapidly troubleshoot problems before they affect your business. Most IT > organizations don't have a clear picture of how application performance > affects their revenue. With AppDynamics, you get 100% visibility into your > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk_______________________________________________ > sleuthkit-developers mailing list > sle...@li... > https://lists.sourceforge.net/lists/listinfo/sleuthkit-developers |
