Fast iPhone forensic analysis with iLEAPP
- Published 9 Jun 2024
- iPhone forensic analysis can be complicated, but sometimes you need to quickly access some of the most common information. iOS Logs, Events, And Plists Parser (iLEAPP) is a fast iPhone forensic triage tool that will parse out some of the most common data sources and applications. It is free to use and easy to expand with your own modules written in Python.
Thank you to all of our Patrons for sponsoring DFIR Science.
Especially The Ranting Geek. Thank you so much!
This video shows how to get started with iLEAPP if you already have a dump of iPhone data. iLEAPP is a simple way to start with iPhone forensics, but keep in mind that it is not as comprehensive as other tools. You may need to manually conduct an iPhone forensic analysis to pull out more information that iLEAPP cannot yet parse.
00:00 The Case
00:11 Getting iLEAPP
00:35 Install iLEAPP requirements
00:49 Run iLEAPP GUI
01:23 Review the iLEAPP report
01:49 Case-relevant artifacts
02:33 Limits of iLEAPP
02:47 Easily keep iLEAPP up to date
03:27 iLEAPP review
bit.ly/2Ij9Ojc - 👍 Subscribe for weekly videos
❤️ Get early access and bonus content - / dfirscience
Links:
* github.com/abrignoni/iLEAPP
#DFIR #iPhone #iLEAPP #forensics
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please link back to the original video. If you want to use this video for commercial purposes, please contact us first. We would love to see what you are doing and will probably allow its use. - Science and Technology
Damn - this guy flies thru plenty of info but does it in a way that a dolt (me) can follow along. Really hard to pull that off on a subject as complex as digital forensic recovery. Thanks
Good Stuff, thanks
Glad you enjoyed it
Thanks great vid m8 ...
Thanks a lot.
👍Cheers bud!!
Thumbs up!
Thanks a lot!
brooooo i love the hashtag. it's a must
Great job! What do you recommend to generate the dump?
Check out iOS triage (github.com/RealityNet/ios_triage) - it's also built into Tsurugi Linux. The dump in the video was made with Cellebrite (Cellebrite CTF 2021)
@DFIRScience Thanks! BTW Tsurugi it's great.
Hi DFIR Science, I am working on a project for school where I would like to utilize the tool you mentioned. Where could I retrieve dumps for research purposes? (i.e. Wiki Packet captures for Wireshark analysis) What are some good sites for iPhone dumps?
For forensic data sets check out cfreds.nist.gov/ and digitalcorpora.org/corpora/disk-images
That will give you a lot of older and up to date data sets to work with.
If my phone has been hacked by my employer could you see where they have some sort of trace on my phone? Or they have my data sent to their phone?
check the log files
How can I find the last unlock time through iLEAPP?
Make sure you have the most up-to-date version of iLEAPP. There are modules for ios activities, but also for user activities.
Hello sir, I'm Isaac. What books do you recommend for fundamentals, principles and concepts in digital forensics?
That's a good question. A few books came out this year that look interesting. Let me make a list and get back to you.
@DFIRScience sure sir, thank you
@DFIRScience that will be an amazing thing to read
How can you extract a dump of the iPhone? Hmmm
Check out iOS triage (github.com/RealityNet/ios_triage) - it's also built into Tsurugi Linux. The dump in the video was made with Cellebrite (Cellebrite CTF 2021)
Sir pls send the dump
Links for the image and password can be found here: www.stark4n6.com/2021/10/cellebrite-ctf-2021-marshas-iphone.html
Sir, which one do I need to download? There are 3 files in total and 1 is around 10 GB, and that one is needed, I think. Am I right, sir?
@sayankumardey6826 you need all three pieces. When you unzip them they make one large phone image.
Oh ok sir