Open Source Android Forensics

With more and more people using mobile devices, there’s a growing need to examine these devices forensically. While commercial tools are available, it only makes sense that there should be open source tools for the job as well.

To that end, Andrew Hoog of viaForensics has announced the first release of their Android Forensics application. Better yet, the application has been released under the GPL, so other developers will be free to tinker with the source and, hopefully, expand the app’s capabilities.

The app is an APK file (currently unsigned, so installing it requires allowing untrusted sources on the device) which can be loaded onto the device using the Android SDK. Once loaded, it can compile information from various sources on the device, including:

  • Browser history
  • Call logs
  • Contacts (including the different contact methods and other contact data)
  • SMS messages

The information is compiled into CSV files, which can then be downloaded onto a workstation for review. From the announcement, it appears there are high hopes that more information can be gathered from the device, but this is certainly a start.

Announcement at the SANS Digital Forensics Blog

Google Code Project Page

viaForensics Blog
