Explore the wealth of forensic artifacts generated by seemingly inactive iPhones in this 33-minute SANS DFIR Summit 2024 presentation. Delve into newly discovered iOS artifacts and learn how System logs can provide crucial information for investigations, especially when Full File System (FFS) images are unavailable. Discover how logs intended for crash reporting and system monitoring can be leveraged by forensic analysts to uncover valuable data. Join speakers Cesar Quezada, Director of Forensics at Hexordia, and Nick Dubois, Mobile Vulnerability Researcher at Hexordia, as they reveal techniques for extracting and analyzing these hidden artifacts from idle iOS devices.
Extracting Forensic Artifacts from Seemingly Idle iOS Devices - Dormant Devices, Chatty Logs
Overview
Syllabus
Dormant Devices, Chatty Logs: Extracting Forensic Artifacts from Seemingly Idle iOS Devices
Taught by
SANS Digital Forensics and Incident Response
Related Courses
-
Computer Hacking and Forensics
-
Who Hacked Who? PsExec Forensic Artifacts
-
Input Output + Syslog - Obtaining Data From Locked iOS Devices via Live Monitoring
-
The Forensic Frontier - Exploring Digital Forensics and Cybersecurity
-
Using Apple Sysdiagnose for Mobile Forensics and Integrity Checks - Hack.lu 2023
-
Beyond Windows Forensics With Built-in Microsoft Tooling
