In this course content blog we want to share an Android Forensics challenge - we are publishing evidence files from our Android Forensics course, along with some questions from Module 2 assignment in this course. If you're looking to test your skills and have some fun, this is for you!
PLEASE LOG IN TO ACCESS DOWNLOAD LINKS
For evidence in the data1 folder, perform analysis and answer the following questions:
- When was the usagestats file created?
- On that same day, when and for how long was a messaging app used?
- True or false: Twitter application has been used on the device between Apr 6th 2020, 03:51 AM, GMT and Apr 7th
2020, 03:51AM GMT.
- True or false: User has logged into an active Twitter account on this device.
For evidence in the data2 folder, perform analysis and answer the following questions:
- One application has the debuggable flag set to 1. What is its APPID?
- Where is the data of that app stored?
- Does it have any supplementary GIDs, and if yes, what are they?
- Which three packages share the user ID 1001?
If you want to check if you got it right, email your answers to our course coordinator Marta, at [email protected]
Want more? These questions are only 1/5 of the Module 2 assignment - the workshop is packed with information and lab work! This course will train you to approach an Android mobile device forensically. It is meticulously curated to teach you the continually relevant aspects of Android Mobile Forensics. In the process of doing so, you will also gain proficiency about how to replenish your forensics skills, to keep in tune with the perpetually changing Android world.
All the modules include hands-on assignments to test your newly-gained skills.
What skills will you gain?
- You will learn about the intricacies involved in forensically handling an Android device.
- You will be exposed to a myriad of tools available, which will give you the confidence to experiment with more tools on your own.