• Home

  • Documents

  • Live Memory Forensics on Android With Volatility
prev
next
out of 109

Live Memory Forensics on Android With Volatility

  • Upload
    kasma

  • View
    242

  • Download
    0

Embed Size (px)

Citation preview

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    1/109

    http://www1.informatik.uni-erlangen.de/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    2/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    3/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    4/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    5/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    6/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    7/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    8/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    9/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    10/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    11/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    12/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    13/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    14/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    15/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    16/109

    http://developer.android.com/sdk/index.htmlhttp://code.google.com/p/dalvik/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    17/109

    http://de.wikipedia.org/wiki/GNU_General_Public_Licensehttps://www.volatilesystems.com/default/volatilityhttp://source.android.com/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    18/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    19/109

    http://www.eclipse.org/mat/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    20/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    21/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    22/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    23/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    24/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    25/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    26/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    27/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    28/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    29/109

    http://opensource.samsung.com/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    30/109

    http://code.google.com/p/lime-forensics/downloads/listhttp://forum.xda-developers.com/showthread.php?t=755265http://forum.xda-developers.com/showthread.php?t=1347899http://forum.xda-developers.com/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    31/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    32/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    33/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    34/109

    http://reality.sgiweb.org/davea/dwarf.htmlhttps://code.google.com/p/volatility/wiki/LinuxMemoryForensics

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    35/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    36/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    37/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    38/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    39/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    40/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    41/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    42/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    43/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    44/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    45/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    46/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    47/109

    http://developer.android.com/http://code.google.com/p/dalvik/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    48/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    49/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    50/109

    http://en.wikipedia.org/wiki/Reflection_(computer_programming)

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    51/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    52/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    53/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    54/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    55/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    56/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    57/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    58/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    59/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    60/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    61/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    62/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    63/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    64/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    65/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    66/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    67/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    68/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    69/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    70/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    71/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    72/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    73/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    74/109

    http://code.google.com/p/android-random/downloads/detail?name=axml2xml.plhttp://code.google.com/p/android-random/downloads/detail?name=axml2xml.plhttp://code.google.com/p/android-apktool/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    75/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    76/109

    http://www.whatsapp.com/http://code.google.com/p/k9mail/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    77/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    78/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    79/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    80/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    81/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    82/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    83/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    84/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    85/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    86/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    87/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    88/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    89/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    90/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    91/109

    http://lists.volatilesystems.com/pipermail/vol-dev/2013-January/000198.htmlhttp://lists.volatilesystems.com/pipermail/vol-dev/2013-January/000198.htmlhttp://lists.volatilesystems.com/pipermail/vol-dev/2012-October/000187.htmlhttp://lists.volatilesystems.com/pipermail/vol-dev/2012-October/000187.html

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    92/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    93/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    94/109

    http://developer.android.com/http://developer.android.com/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    95/109

    http://docs.oracle.com/javase/tutorial/http://docs.oracle.com/javase/tutorial/http://c-skills.blogspot.de/2010/08/droid2.htmlhttp://c-skills.blogspot.de/2010/08/droid2.htmlhttp://code.google.com/p/k9mail/http://code.google.com/p/k9mail/http://lime-forensics.googlecode.com/files/LiME_Documentation_1.1.pdfhttp://lime-forensics.googlecode.com/files/LiME_Documentation_1.1.pdfhttp://www.itproportal.com/2012/03/02/25ca8c92-645e-11e1-a090-fefdb24f8a11/http://www.itproportal.com/2012/03/02/25ca8c92-645e-11e1-a090-fefdb24f8a11/https://www.idc.com/getdoc.jsp?containerId=prUS23771812https://www.idc.com/getdoc.jsp?containerId=prUS23771812

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    96/109

    http://en.wikipedia.org/w/index.php?title=Android_(operating_system)&oldid=530060896http://en.wikipedia.org/w/index.php?title=Android_(operating_system)&oldid=530060896http://www.whatsapp.com/http://www.whatsapp.com/https://twitter.com/WhatsApp/status/238680463139565568https://twitter.com/WhatsApp/status/238680463139565568https://code.google.com/p/volatility/https://code.google.com/p/volatility/

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    97/109

    http://en.wikipedia.org/w/index.php?title=Forensic_science&oldid=520203985http://en.wikipedia.org/w/index.php?title=Forensic_science&oldid=520203985http://en.wikipedia.org/w/index.php?title=Data_structure_alignment&oldid=525379887http://en.wikipedia.org/w/index.php?title=Data_structure_alignment&oldid=525379887http://en.wikipedia.org/w/index.php?title=Cross_compiler&oldid=518389473http://en.wikipedia.org/w/index.php?title=Cross_compiler&oldid=518389473http://en.wikipedia.org/w/index.php?title=.bss&oldid=525501314http://en.wikipedia.org/w/index.php?title=.bss&oldid=525501314http://en.wikipedia.org/w/index.php?title=Android_rooting&oldid=528094233http://en.wikipedia.org/w/index.php?title=Android_rooting&oldid=528094233

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    98/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    99/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    100/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    101/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    102/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    103/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    104/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    105/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    106/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    107/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    108/109

  • 8/10/2019 Live Memory Forensics on Android With Volatility

    109/109


Android Forensics Simplifying Cell Phone Examinations

Android Forensics Simplifying Cell Phone Examinations

Documents
Android– forensics and security testing

Android– forensics and security testing

Technology
Digital Forensics Analysis for Data Theft - IJoFCSijofcs.org/V10N1-PP04-data-forensic.pdf_____ P.S. Lokhande and and B.B. Meshram 32 4) Volatility: Volatility is the memory forensics

Digital Forensics Analysis for Data Theft - IJoFCSijofcs.org/V10N1-PP04-data-forensic.pdf_____ P.S. Lokhande and and B.B. Meshram 32 4) Volatility: Volatility is the memory forensics

Documents
Android forensics deep dive - Schatz Forensic

Android forensics deep dive - Schatz Forensic

Documents
DEFTCON 2012 - Alessandro Rossetti - Android Forensics

DEFTCON 2012 - Alessandro Rossetti - Android Forensics

Documents
Huntingmalwarewith Volatility v2 - reconstructer.org malware with Volatility v2.0.pdf · What is Volatility? Forensics framework to acquire digital artifacts from memory dumps Completely

Huntingmalwarewith Volatility v2 - reconstructer.org malware with Volatility v2.0.pdf · What is Volatility? Forensics framework to acquire digital artifacts from memory dumps Completely

Documents
Android Forensics and Security Testing Course_PUBLIC_RELEASE

Android Forensics and Security Testing Course_PUBLIC_RELEASE

Documents
Mac Memory Analysis with Volatility - SANS Computer Forensics

Mac Memory Analysis with Volatility - SANS Computer Forensics

Documents
Android Mind Reading - SANS Computer Forensics

Android Mind Reading - SANS Computer Forensics

Documents
Schuster Windows Memory Forensics with Volatilitycomputer.forensikblog.de/files/talks/FIRST2009-Windows_Memory... · Title: Schuster_Windows Memory Forensics with Volatility Author:

Schuster Windows Memory Forensics with Volatilitycomputer.forensikblog.de/files/talks/FIRST2009-Windows_Memory... · Title: Schuster_Windows Memory Forensics with Volatility Author:

Documents
Android forensics - Högskolan Dalarnausers.du.se/~hjo/cs/dt2016/presentation/emes_09_android_forensics... · Android forensics Part 2 boot process, security, system, rooting, dumping,

Android forensics - Högskolan Dalarnausers.du.se/~hjo/cs/dt2016/presentation/emes_09_android_forensics... · Android forensics Part 2 boot process, security, system, rooting, dumping,

Documents
Android Forensics and Security Testing Course_PUBLIC_RELEASE

Android Forensics and Security Testing Course_PUBLIC_RELEASE

Documents
Android forensics an Custom Recovery Image

Android forensics an Custom Recovery Image

Education
Android Mind Reading: Android Live Memory Analysis with LiME and Volatility

Android Mind Reading: Android Live Memory Analysis with LiME and Volatility

Technology
Android forensics

Android forensics

Technology
Live Memory Forensics on Android with Volatility - homac.de · Live Memory Forensics on Android with Volatility Diploma Thesis in Computer Science by Holger Macht born on 18 August

Live Memory Forensics on Android with Volatility - homac.de · Live Memory Forensics on Android with Volatility Diploma Thesis in Computer Science by Holger Macht born on 18 August

Documents
Enabling Proactive Forensics in Android ROMs

Enabling Proactive Forensics in Android ROMs

Documents
Practical Infeasibility of Android Smartphone Live Forensics

Practical Infeasibility of Android Smartphone Live Forensics

Documents
Live Memory Forensics on Android with Volatility - homac.de

Live Memory Forensics on Android with Volatility - homac.de

Documents
Android forensics - index-of.co.uk/index-of.co.uk/presentation/emes_08_android_forensics_p1_w5.pdf• Further complicating Android forensics is the sheer ... • While a logical analysis

Android forensics - index-of.co.uk/index-of.co.uk/presentation/emes_08_android_forensics_p1_w5.pdf• Further complicating Android forensics is the sheer ... • While a logical analysis

Documents
Android Forensics ClubHack v2

Android Forensics ClubHack v2

Documents
Remote Live Forensics for Android Devices

Remote Live Forensics for Android Devices

Documents
Learning Android Forensics - Sample Chapter

Learning Android Forensics - Sample Chapter

Documents
Android forensics (Manish Chasta)

Android forensics (Manish Chasta)

Technology
Android Forensics - unipi.gr

Android Forensics - unipi.gr

Documents
Android forensics por Luis Alberto Solis Solis

Android forensics por Luis Alberto Solis Solis

Technology
Windows Registry Forensics with Volatility Framework

Windows Registry Forensics with Volatility Framework

Software
Memory Forensics With Volatility

Memory Forensics With Volatility

Documents
Mobile Forensics: An analysis of Android architecture and ...forensics techniques. Findings reveal that mobile forensics techniques for Android devices are invasive procedures that

Mobile Forensics: An analysis of Android architecture and ...forensics techniques. Findings reveal that mobile forensics techniques for Android devices are invasive procedures that

Documents
Manish Chasta - Android forensics

Manish Chasta - Android forensics

Technology