Hackers of India

Android Forensics

 Manish Chasta 


Presentation Material

Android forensics (Manish Chasta) from ClubHack


Videos are listed below

Smartphones can be used in cyber crimes like shooting illegal videos, sexual harassment cases, used by terrorists or for financial crimes. Talk starts with brief introduction of Android internals i.e. Dalvik VM, SQLite database, underlying Kernel. Presentation covers the steps of cyber forensics in context of Android:

Seizing the phone and maintaining its state so that we don’t lose any important data Taking image of the phone memory and memory card. In case of Android, we need to ROOT the device first to take the bit by bit image. Recovering useful data from the image. Device memory can contain extremely valuable data including contact list, call logs, sms, emails, passwords, application data, phone data etc. Analyzing the data to discover evidences. It will cover decrypting the encrypted files, cracking the passwords, recovering deleted files etc. Chain of custody to preserve evidences so that they can be presented in a court of law. The presentation also demonstrates:

Rooting Android Phone Taking image and Discovering evidences Takeaway for the audience:

Insights to the Android System Techniques and concepts to recover and analyse evidences from Android phone Live Forensics for Android System.