Security Congress Abstract
There are more than 4 million mobile apps available between the two largest smartphone app stores. Available forensic tools by themselves can only scratch the surface. What else can be done? How can we best leverage existing tools and grow our practice in order obtain as much as we can from our examinations?
In this presentation you will learn how to:
-identify data stores of interest.
-use structure query language to extract and interpret the data.
-manage JSON-formatted data inside and outside of SQLite databases.
-retain and reuse acquired knowledge by the generation of custom artifacts.
-use apps as viewers and parsers of targeted data through the use of virtual environments.
-set up manual examination when extraction and parsing is not possible.