Android Forensics Challenge [FREE COURSE CONTENT]

In this course content blog we want to share an Android Forensics challenge - we are publishing evidence files from our Android Forensics course, along with some questions from Module 2 assignment in this course. If you're looking to test your skills and have some fun, this is for you! 

---

Download files: 

PLEASE LOG IN TO ACCESS DOWNLOAD LINKS

---

For evidence in the data1 folder, perform analysis and answer the following questions: 

1. When was the usagestats file created? 
2. On that same day, when and for how long was a messaging app used? 
3. True or false: Twitter application has been used on the device between Apr 6th 2020, 03:51 AM, GMT and Apr 7th
   2020, 03:51AM GMT.
4. True or false: User has logged into an active Twitter account on this device.

 

For evidence in the data2 folder, perform analysis and answer the following questions: 

1. One application has the debuggable flag set to 1. What is its APPID? 
2. Where is the data of that app stored? 
3. Does it have any supplementary GIDs, and if yes, what are they? 
4. Which three packages share the user ID 1001? 

---

If you want to check if you got it right, email your answers to our course coordinator Marta, at [email protected]

---

Want more? These questions are only 1/5 of the Module 2 assignment - the workshop is packed with information and lab work!  This course will train you to approach an Android mobile device forensically. It is meticulously curated to teach you the continually relevant aspects of Android Mobile Forensics. In the process of doing so, you will also gain proficiency about how to replenish your forensics skills, to keep in tune with the perpetually changing Android world.