Tools and Techniques in iOS
Introduction:
Digital investigations require a diverse set of tools to effectively gather
evidence from various devices.
These tools range from specialized forensic software to more general-purpose
management applications.
Each tool has its strengths, weaknesses, and costs, making it essential for
forensic professionals to have a general understanding of their options to make
informed decisions.
The tools are:
1. Cellebrite
2. iMazing
3. iMyFone D-Back
4. Dr. Fone
5. Oxygen Forensics
6. MobilEdit Forensic Express
1. Cellebrite:
- Widely known and respected tool in phone forensics, heavily used by law
enforcement.
- Known for its robustness and effectiveness, but comes with a high cost.
- Offers multiple products like UFED, Physical Analyzer, UFED Cloud, Premium,
Blacklight, Commander, each with variations.
- Requires formal training and can be expensive.
- Focuses on comprehensive data extraction from mobile devices.
2. iMazing:
- Originally designed as a device manager for iOS, but also useful in forensics.
It can be found at https://imazing.com/.
- Affordable lifetime license options, provides basic data extraction
functionalities.
- Easy-to-use interface with features for exporting data in various formats.
- Lacks advanced forensic capabilities but suitable for basic investigations.
3. iMyFone D-Back:
- Specifically designed for iOS data recovery, including from iTunes backups
(https://www.imyfone.com/).
- Intuitive interface with options for extracting data from iOS devices and
backups.
- Offers lifetime license options and supports multiple devices.
4. Dr. Fone:
- Widely used for mobile device recovery and data transfer, compatible with
iOS and Android.
The tool can be found at https://drfone.wondershare.net.
- Relatively inexpensive compared to other tools, offers basic forensic
functionalities.
- Provides access to SMS messages, phone numbers, and file systems.
- Suitable for basic forensic analysis but lacks advanced features.
5. Oxygen Forensics:
- Known for its user-friendly interface and ease of use.
The company website is https://www.oxygenforensic.com/en/.
- Offers features for timeline events mapping, making geolocation easier.
- Relatively expensive, primarily used in professional forensic labs.
- Provides comprehensive data extraction and analysis capabilities.
6. MobilEdit Forensic Express:
- Affordable tool with professional-level features for forensic analysis.
The company website is https://www.mobiledit.com/forensicexpress.
- Offers various reporting formats and case management functionalities.
- Compatible with both Apple and Android devices, making it versatile.
- Useful for generating detailed reports and managing multiple cases
effectively.
Techniques in iOS:
• Logical Acquisition:
- Extracts data from the device at a logical level.
- Focuses on accessible data without specialized tools or physical
access.
- Methods include iTunes backups, iCloud backups, or third-party
forensic tools via standard interfaces like USB or Wi-Fi.
• Physical Acquisition:
- Involves directly accessing the device's storage to create a bit-by-bit
image.
- Captures deleted data and system files.
- Requires specialized forensic tools and physical access.
- Tools used may include Cellebrite UFED, XRY, or Oxygen Forensic
Detective.
- Physical acquisition may be limited on newer iOS devices due to
enhanced security measures.
• File System Analysis:
- Examines the file structure and contents of the device's storage.
- Utilizes tools to analyze file systems such as HFS+ or APFS.
- Reveals user files, system logs, application data, and metadata.
• SQLite Database Examination:
- iOS apps often store data in SQLite databases.
- Contains contacts, messages, call logs, browsing history, and
application-specific data.
- Forensic tools extract and analyze data from these databases.
• Timeline Analysis:
- Reconstructs a chronological timeline of events and activities on the
iOS device.
- Includes user actions, system events, application usage,
communication logs, etc.
- Helps understand the sequence of events leading up to an incident.
- Useful for building a timeline of digital evidence in legal
proceedings.
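
The SQLite examination and timeline analysis techniques above can be combined in a short script. This is an added example, not part of the original notes or of any tool listed here. The table and column names are a hypothetical, simplified schema and the rows are constructed; it relies on the fact that iOS databases commonly store timestamps as seconds (or nanoseconds) since 2001-01-01 UTC.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Apple "Mac absolute time" counts from 2001-01-01 00:00:00 UTC.
APPLE_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)

def apple_time_to_utc(value):
    """Convert an Apple timestamp to an aware UTC datetime.

    Heuristic: values too large to be seconds are treated as nanoseconds,
    which newer iOS databases use for some columns.
    """
    seconds = value / 1e9 if abs(value) > 1e11 else value
    return APPLE_EPOCH + timedelta(seconds=seconds)

def build_sample_db():
    """Constructed in-memory evidence stand-in (hypothetical, simplified schema).

    For a real case, open a verified working copy read-only instead, e.g.
    sqlite3.connect("file:copy.db?mode=ro", uri=True).
    """
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE message (handle TEXT, text TEXT, date INTEGER, is_from_me INTEGER);
        CREATE TABLE call_record (address TEXT, date REAL, duration REAL, originated INTEGER);
        INSERT INTO message VALUES ('+15550100', 'Running late', 700000000000000000, 0);
        INSERT INTO message VALUES ('+15550100', 'OK', 700000090000000000, 1);
        INSERT INTO call_record VALUES ('+15550199', 700000030.5, 42.0, 1);
    """)
    return db

def build_timeline(db):
    """Merge message and call rows into one chronologically sorted event list."""
    events = []
    for handle, text, date, from_me in db.execute(
            "SELECT handle, text, date, is_from_me FROM message"):
        direction = "sent to" if from_me else "received from"
        events.append((apple_time_to_utc(date), "message", f"{direction} {handle}: {text}"))
    for address, date, duration, originated in db.execute(
            "SELECT address, date, duration, originated FROM call_record"):
        direction = "outgoing to" if originated else "incoming from"
        events.append((apple_time_to_utc(date), "call",
                       f"{direction} {address} ({duration:.0f}s)"))
    return sorted(events)

if __name__ == "__main__":
    for when, source, detail in build_timeline(build_sample_db()):
        print(when.isoformat(), source, detail)
```

Reporting every event in UTC and keeping the raw column value alongside the converted time makes the timeline easier to verify against the tool output used in a case.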