36 SQLite
1 author:
Angus M Marshall
n-gate ltd.
All content following this page was uploaded by Angus M Marshall on 27 August 2018.
Book Reviews

SQLite Forensics
Author(s): Paul Sanderson
Editor(s): Dr. Richard Hipp, Heather Mahalik, Brett Shavers, Eric Zimmerman
Publisher: Paul Sanderson
Date of Publishing: 2018
ISBN: 978-1-9802-9307-1
Price: £35.99 / $49.95
Reviewer: Angus Marshall

Anyone who's done any work at all on mobile devices will know that a knowledge of SQLite is invaluable. Since it was adopted by both iOS and Android, it's become the default standard for app data storage and web browser history/cache/storage, IoT devices, and is probably now the most widely deployed database package in the world.

Paul's work on SQLite analysis should be familiar to most practitioners and his SQLite Forensic Toolkit is one that I know sits alongside many more expensive tools as an essential complement for situations where more detailed analysis is required. Now, he's chosen to reveal some of his secrets in this 295-page book. Through 9 chapters, Paul, aided by the editorial team which includes the father of SQLite, covers the complete range of topics from an initial introduction to SQLite for novices with some database experience, through to advanced topics including recovery of orphaned/deleted records and low-level analysis of the data itself, concluding with a case study on the iOS SMS database.

Readers need to have some familiarity with data storage concepts and syntax diagrams, but the text is clear and proceeds in a logical manner, with plenty of worked examples. For me, Chapters 2, 3, 4 and 5 are the most useful as they dive deep into the file format used by SQLite. Some slightly fuzzy diagrams show the relationship between DB schema and the actual records within the file through use of familiar hex editor style views from Sanderson Forensics' own tool. Chapter 4's coverage of the journaling system and how it can be used to see pre- and post-transaction states, allowing us to look "into the past", and Chapter 5's consideration of the write-ahead logs are particularly useful for those interested in understanding something about sequences of events and timelines.

Chapter 6 returns to a higher level, concentrating on the database schema, and shows how well-designed databases contain significant amounts of implicit meta-data in the form of keys, relationships and triggers. Combine this with Chapter 7's crash-course in SQL and there's a useful tutorial on how to use SQLite to manage your own data as well as understanding how developers have implemented certain functions.

Chapter 8, entitled "Odds and Ends", concludes the technical material with all the other things that didn't fit neatly into other chapters. This is where we find features that may not be present in default builds of SQLite. Things like the Full Text Search modules, R* Trees and encryption modules extend the core functionality and a useful overview of each of these is given, with some hints and tips about how to examine each.

Finally, Chapter 9 concludes the work with a nice case study of examination of an SMS database recovered from an iOS device, answering typical questions that arise during investigation. Some common mistakes or traps are explored and improved solutions are given.

My only real complaint is that a lot of the examples are very reliant on having a copy of Sanderson's SQLite Forensic Browser. Although this is a popular tool in many labs, it's a bit expensive for anyone who just wants to learn more about SQLite examinations.