31,19 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Wissenschaft und neue Technologien
- Sprache: Englisch
Over 20 recipes that will enable you to handle and extract data from iOS devices for forensics
About This Book
- This book gets you straight into solving even the most complex iOS forensic problems with easy-to-understand recipes
- Get to grips with extraction and analysis techniques to perform forensic investigations on iOS devices
- Gain insights into how to protect your data and perform data recovery from iOS-based devices
Who This Book Is For
If you are an iOS application developer who wants to learn about a test flight, hockey app integration, and recovery tools, then this book is for you. This book will be helpful for students learning forensics, as well as experienced iOS developers.
What You Will Learn
- Discover the various ways to save data in the document directory of the device
- Get to grips with encrypting and decrypting of files saved in the document directories
- Explore ways to integrate social media with iOS applications
- Grab the user events and actions on the iOS application using analytic tools
- Analyze useful information from the data gathered in the cloud
- Grasp numerous concepts associated with air application distribution
- Track errors in an application effectively to document them for forensic analysis
- Read crash reports accumulated on iTunesConnect and decode them to generate and gather useful information
In Detail
Mobile device forensics is a branch of digital forensics that involves the recovery of evidence or data in a digital format from a device without affecting its integrity. With the growing popularity of iOS-based Apple devices, iOS forensics has developed immense importance.
To cater to the need, this book deals with tasks such as the encryption and decryption of files, various ways to integrate techniques with social media, and ways to grab the user events and actions on the iOS app. Using practical examples, we'll start with the analysis keychain and raw disk decryption, social media integration, and getting accustomed to analytics tools. You'll also learn how to distribute the iOS apps without releasing them to Apple's App Store. Moving on, the book covers test flights and hockey app integration, the crash reporting system, recovery tools, and their features. By the end of the book, using the aforementioned techniques, you will be able to successfully analyze iOS-based devices forensically.
Style and approach
This book takes a step-by-step recipe-based approach to iOS forensics and investigation techniques. Topics are explained sequentially in order of complexity, and are accompanied by code and theory that is easy to grasp.
Sie lesen das E-Book in den Legimi-Apps auf:
Seitenzahl: 126
Veröffentlichungsjahr: 2016
Ähnliche
Table of Contents
iOS Forensics Cookbook
iOS Forensics Cookbook
Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: January 2016
Production reference: 1220116
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78398-846-4
www.packtpub.com
Credits
Authors
Bhanu Birani
Mayank Birani
Reviewer
Dr. Aswami Ariffin
Commissioning Editor
Julian Ursell
Acquisition Editors
Vivek Anantharaman
Chaitanya Nair
Content Development Editor
Siddhesh Salvi
Technical Editor
Menza Mathew
Copy Editor
Merilyn Pereira
Project Coordinator
Nidhi Joshi
Proofreader
Safis Editing
Indexer
Tejal Daruwale Soni
Production Coordinator
Melwyn Dsa
Cover Work
Melwyn Dsa
About the Authors
Bhanu Birani has more than 7 years of experience in the software industry. He is passionate about architecting, designing, and developing complicated applications. He specializes in creating web, backend as a service, and mobile products suitable for B2B and B2C context. He has expertise in end to end development to create innovative and engaging applications for mobile devices.
After years of programming experience in different programming languages, he started developing applications for iOS devices. He started software development around the same time as his graduation and was really interested in learning about the new technologies emerging in the market. He then joined a game development company. After contributing to the gaming domain, he started working on content-based applications and radio applications. He also contributed to hyperlocal geo-targeting using BLE (iBeacons). Over the years, he has gained experience in all phases of software development as requirement gathering, feasibility analysis, architecture design, coding and debugging, quality improvement, deployment, and maintenance.
Mayank Birani has more than 4 years of experience in the software industry. He was a star from the beginning of his career, and he worked with many start-ups. Soon after graduation, he started working on iOS/Mac technologies and is an R&D engineer for Apple Inc. India. He has an inherent passion for coding and developing applications to make the world a better place. He has contributed actively to many start-ups with revolutionary ideas.
In the early stages of his career, he was the sole author of Learning iOS 8 for Enterprise by Packt Publishing.
www.PacktPub.com
Support files, eBooks, discount offers, and more
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at <[email protected]> for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why Subscribe?
Free Access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access.
Preface
This book focuses on the various techniques for acquisition, identification, and forensic analysis of iOS devices. This is a step-by-step practical guide that will help you to follow the procedure and extract data from iOS devices. This book helps professionals to investigate and understand forensic scenarios easily. This is a practical guide written after the rising popularity of iOS devices and the growing investigation requirements. This book deals with the various ways to investigate devices with different iOS versions and the presence and absence of other security systems such as lock code, backup passwords, and so on.
Conceptually, this book can be divided into three sections. The first section deals with the understanding of how data is generated by applications and how and where it is stored on the device. The second section focuses mainly on various analytic techniques, which include the analytics of apps by reading their logs and reports provided by Apple and other third-party vendors. This also includes the analysis and other related data mining studies provided by Google and Crashlytics. The third section, that is, the last section of the book, deals with a study, in detail, of various core forensics, which include the data structure and organization of files. This also includes the study of various open source tools that allow the detail decrypting techniques performed on any iOS device.
What this book covers
Chapter 1, Saving and Extracting Data, focuses on the ways to save the data in the document directory of the device along with ways to fetch the data back. In this chapter, we will also discuss the encryption and decryption of the files that are saved in the document directories. We will also discuss keychain and raw disk decryption in the chapter.
Chapter 2, Social Media Integration, teaches you the various ways to integrate social media with your application. The primary focus will be on the various configurations that have to be taken care of while integrating social media with the application.
Chapter 3, Integrating Data Analytics, discusses the various application analytics tools. The primary focus will be on the various ways to grab the user events and actions on the app. Then, moving forward, we will learn the powerful ways to crunch the useful information from the data gathered on the cloud.
Chapter 4, App Distribution and Crash Reporting, teaches you about the power of distributing your apps without releasing them to Apple's App Store. In this chapter, you will learn about over the air application distribution. You will also learn the various ways to track errors in our app.
Chapter 5, Demystifying Crash Reports, demystifies the overall crash reporting system. This also includes ways to read the crash reports accumulated on iTunes Connect. You will learn to decode binary crash reports to generate and gather useful information.
Chapter 6, Forensics Recovery, holds all the recovery and backup related operations on the device. You will learn about recovery modes in detail along with data extraction from the device. This chapter will also allow the user to extract data from iTunes backup files by decrypting them. Then, finally, we will see some case studies to demonstrate how data was recovered from the device in very vital cases.
Chapter 7, Forensics Tools, explores all the aforementioned tools and their capacity to retrieve data. You will learn about the various features provided by each of them. We will also compare a few tools with each other, considering both open source and paid tools.
What you need for this book
This book is designed to allow you to use different operating platforms (Windows, Mac, and Linux) through freeware, open source software, and commercial software. For a few sections, you will need Xcode 6.0 or above with a Mac OS X. Many of the other examples shown can be replicated using either the software tested by the authors or equivalent solutions and tools for iOS Forensics. Some specific cases require the use of commercial platforms, and among those, we preferred the platforms that we use in our daily work as forensic analysts. In any case, we were inspired by the principles of ease of use, completeness of information extracted, and the correctness of the presentation of the results by the software. This book is not meant to be a form of advertising for the aforementioned software in any way, and we encourage you to repeat the tests carried out on one operating platform on other platforms and software applications as well.
Who this book is for
This book is intended mainly for a technical audience, and, more specifically, for forensic analysts (or digital investigators) who need to acquire and analyze information from mobile devices running iOS.
This book is also useful for computer security experts and penetration testers because it addresses some issues that definitely must be taken into consideration before the deployment of this type of mobile device in business environments or situations where data security is a necessary condition. Finally, this book could also be of interest to developers of mobile applications, and they can learn what data is stored on these devices, and where the application is used. Thus, they will be able to improve security.
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do it, How it works, There's more, and See also).
To give clear instructions on how to complete a recipe, we use these sections as follows:
Getting ready
This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.
How to do it…
This section contains the steps required to follow the recipe.
How it works…
This section usually consists of a detailed explanation of what happened in the previous section.
There's more…
This section consists of additional information about the recipe in order to make you more knowledgeable about the recipe.
See also
This section provides helpful links to other useful information for the recipe.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail <[email protected]>, and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files from your account at http://www.packtpub.com for all the Packt Publishing books you have purchased. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form
