دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب Practical Mobile Forensics: Forensically investigate and analyze iOS, Android, and Windows 10 devices, 4th Edition
دانلود کتاب پزشکی قانونی کاربردی موبایل: بررسی و تجزیه و تحلیل قانونی دستگاههای iOS، Android، و Windows 10، نسخه 4
مشخصات کتاب
Practical Mobile Forensics: Forensically investigate and analyze iOS, Android, and Windows 10 devices, 4th Edition
ویرایش: 4 نویسندگان: Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty سری: ISBN (شابک) : 9781838644420, 1838644423 ناشر: Packt Publishing Ltd سال نشر: 2020 تعداد صفحات: 384 زبان: English فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) حجم فایل: 26 مگابایت
قیمت کتاب (تومان) : 31,000
در صورت تبدیل فایل کتاب Practical Mobile Forensics: Forensically investigate and analyze iOS, Android, and Windows 10 devices, 4th Edition به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب پزشکی قانونی کاربردی موبایل: بررسی و تجزیه و تحلیل قانونی دستگاههای iOS، Android، و Windows 10، نسخه 4 نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی درمورد کتاب به خارجی
فهرست مطالب
Cover Title Page Copyright and Credits About Packt Contributors Table of Contents Preface Chapter 01: Introduction to Mobile Forensics The need for mobile forensics Understanding mobile forensics Challenges in mobile forensics The mobile phone evidence extraction process The evidence intake phase The identification phase The legal authority Data that needs to be extracted The make, model, and identifying information for the device Data storage media Other sources of potential evidence The preparation phase The isolation phase The processing phase The verification phase The documenting and reporting phase The archiving phase Practical mobile forensic approaches Understanding mobile operating systems Android iOS Windows Phone Mobile forensic tool leveling system Manual extraction Logical analysis Hex dump Chip-off Micro read Data acquisition methods Physical acquisition Logical acquisition Manual acquisition Potential evidence stored on mobile phones Examination and analysis Rules of evidence Good forensic practices Securing the evidence Preserving the evidence Documenting the evidence and changes Reporting Summary Section 1: iOS Forensics Chapter 02: Understanding the Internals of iOS Devices iPhone models and hardware Identifying the correct hardware model Understanding the iPhone hardware iPad models and hardware Understanding the iPad hardware The HFS Plus and APFS filesystems The HFS Plus filesystem The HFS Plus volume The APFS filesystem The APFS structure Disk layout The iPhone OS The iOS architecture iOS security Passcodes, Touch ID, and Face ID Code signing Sandboxing Encryption Data protection Address Space Layout Randomization (ASLR) Privilege separation Stack-smashing protection Data Execution Prevention (DEP) Data wiping Activation Lock The App Store Jailbreaking Summary Chapter 03: Data Acquisition from iOS Devices Operating modes of iOS devices Normal mode Recovery mode DFU mode Setting up the forensic environment Password protection and potential bypasses Logical acquisition Practical logical acquisition with libimobiledevice Practical logical acquisition with the Belkasoft Acquisition Tool Practical logical acquisition with Magnet ACQUIRE Filesystem acquisition Practical jailbreaking Practical filesystem acquisition with free tools Practical filesystem acquisition with Elcomsoft iOS Forensic Toolkit Summary Chapter 04: Data Acquisition from iOS Backups Working with iTunes backups Creating and analyzing backups with iTunes Understanding the backup structure info.plist manifest.plist status.plist manifest.db Extracting unencrypted backups iBackup Viewer iExplorer Handling encrypted backup files Elcomsoft Phone Breaker Working with iCloud backups Extracting iCloud backups Summary Chapter 05: iOS Data Analysis and Recovery Interpreting iOS timestamps Unix timestamps Mac absolute time WebKit/Chrome time Working with SQLite databases Connecting to a database Exploring SQLite special commands Exploring standard SQL queries Accessing a database using commercial tools Key artifacts – important iOS database files Address book contacts Address book images Call history Short Message Service (SMS) messages Calendar events Notes Safari bookmarks and history Voicemail Recordings Device interaction Phone numbers Property lists Important plist files Other important files Local dictionary Photos Thumbnails Wallpaper Downloaded third-party applications Recovering deleted SQLite records Summary Chapter 06: iOS Forensic Tools Working with Cellebrite UFED Physical Analyzer Features of Cellebrite UFED Physical Analyzer Advanced logical acquisition and analysis with Cellebrite UFED Physical Analyzer Working with Magnet AXIOM Features of Magnet AXIOM Logical acquisition and analysis with Magnet AXIOM Working with Belkasoft Evidence Center Features of Belkasoft Evidence Center Logical acquisition and analysis with Belkasoft Evidence Center Working with Elcomsoft Phone Viewer Features of Elcomsoft Phone Viewer Filesystem analysis with Elcomsoft Phone Viewer Summary Section 2: Android Forensics Chapter 07: Understanding Android The evolution of Android The Android architecture The Linux kernel layer The Hardware Abstraction Layer Libraries Dalvik Virtual Machine (DVM) ART The Java API framework layer The system apps layer Android security Secure kernel The permission model Application sandbox Secure IPC Application signing Security-Enhanced Linux (SELinux) FDE Android Keystore TEE Verified Boot The Android file hierarchy The Android filesystem Viewing filesystems on an Android device Common filesystems found on Android Flash memory filesystems Media-based filesystems Pseudo filesystems Summary Chapter 08: Android Forensic Setup and Pre-Data Extraction Techniques Setting up a forensic environment for Android Installing the software Installing the Android platform tools Creating an Android virtual device Connecting an Android device to a workstation Identifying the device cable Installing device drivers Accessing the connected device The Android debug bridge USB debugging Accessing the device using adb Detecting connected devices Killing the local ADB server Accessing the adb shell Basic Linux commands Handling an Android device Screen lock bypassing techniques Using ADB to bypass the screen lock Deleting the gesture.key file Updating the settings.db file Checking for the modified recovery mode and ADB connection Flashing a new recovery partition Using automated tools Using Android Device Manager Bypass using Find My Mobile (for Samsung phones only) Smudge attack Using the forgot password/forgot pattern option Bypassing third-party lock screens by booting into safe mode Secure USB debugging bypass using ADB keys Secure USB debugging bypass in Android 4.4.2 Crashing the lock screen UI in Android 5.x Other techniques Gaining root access What is rooting? Understanding the rooting process Rooting an Android device Root access - ADB shell Summary Chapter 09: Android Data Extraction Techniques Understanding data extraction techniques Manual data extraction Logical data extraction ADB pull data extraction Using SQLite Browser to view the data Extracting device information Extracting call logs Extracting SMS/MMS Extracting browser history information Analysis of social networking/IM chats ADB backup extraction ADB dumpsys extraction Using content providers Physical data extraction Imaging an Android phone Imaging a memory (SD) card Joint Test Action Group The chip-off technique Summary Chapter 10: Android Data Analysis and Recovery Analyzing and extracting data from Android image files using the Autopsy tool The Autopsy platform Adding an image to Autopsy Analyzing an image using Autopsy Understanding techniques to recover deleted files from the SD card and the internal memory Recovering deleted data from an external SD card Recovering data deleted from the internal memory Recovering deleted files by parsing SQLite files Recovering files using file-carving techniques Recovering contacts using your Google account Summary Chapter 11: Android App Analysis, Malware, and Reverse Engineering Analyzing widely used Android apps to retrieve valuable data Facebook Android app analysis WhatsApp Android app analysis Skype Android app analysis Gmail Android app analysis Google Chrome Android app analysis Techniques to reverse engineer an Android application Extracting an APK file from an Android device Steps to reverse engineer Android apps Android malware Types of Android malware How does Android malware spread? Identifying Android malware Summary Section 3: Windows Forensics and Third-Party Apps Chapter 12: Windows Phone Forensics Windows Phone OS Windows 10 Mobile security model Chambers Encryption Capability-based model App sandboxing Windows Phone filesystem Data acquisition Commercial forensic tool acquisition methods Extracting data without the use of commercial tools SD card data extraction methods Key artifacts for examination Extracting contacts and SMS Extracting call history Extracting internet history Summary Chapter 13: Parsing Third-Party Application Files Introduction to third-party applications Chat applications GPS applications Secure applications Financial applications Social networking applications Encoding versus encryption iOS, Android, and Windows Phone application data storage iOS applications Android applications Windows Phone applications Forensic methods used to extract third-party application data Commercial tools Oxygen Forensic Detective Magnet AXIOM UFED Physical Analyzer Open source/free tools Working with Autopsy Other methods of extracting application data Summary Other Books You May Enjoy Index
