Recently I got hands on an ebook titled Practical Mobile Forensics. As the title suggests, yes, it deals much with dissecting and analyzing the data contained within mobile phones. Some times friends phone me saying they have lost data on their mobile phone & need to recover; this book might help in.
The book applies an investigative methodology that suits professionals in the field of forensics. So, brace yourself, this is more than just a hobbying book.
The starting chapters outline a reconnaissance concept; recall how it is dealt in Web Penetration Testing with Kali Linux? Here however it is more about identifying & getting familiar with the mobile device. The more knowledge you have about the device, the less you’ll tamper the data.
The author blends legal aspects all along the investigation. It helps the reader understand what provisions exist within the legal framework and what kind of evidence will be admissible in court. I liked these sort of caption in the explanation.
Android vs iOS
I am an Android user and I was particularly interested in tools that would help me dissect & investigate an Android device. The book caters for iOS and Windows phone as well; if you fall in that category you won’t be disappointed either (^^,) …
There is one chapter titled Understanding Android. It talks about Android of course, the Linux kernel, shared librairies and all. This came a bit as a surprise because I wasn’t expecting a wealth of information in a small book. Having a look at this chapter might be like a « Linux Filesystems » lecture to someone who is just getting familiar with the operating system. It’s a good thing to help the reader understand a concept rather than just showing how to « use » a particular software. Forensics go beyond using software.
The author emphasizes a lot on « imaging » a device & work rather than work directly on the device. This ensures that nothing is tampered during the investigation.
Finally, this ebook was worth it. It’s hitting my recommended books list for sure (^^,) …