Manual ADB data extraction

The ADB pull command can be used to pull single files or entire directories directly from the device on to the forensic examiner's computer. This method is especially useful for small, targeted examinations. For example, in an investigation strictly involving SMS messages, the examiner can choose to pull just the relevant files.

USB debugging

Setting up the ADB environment has been previously discussed in this book. However, the device under examination must also be configured properly. USB debugging is the actual method through which the examiner's computer will communicate with the device. The USB debugging option is found under the Developer options in the Settings menu. However, as of Android 4.2, the Developer Options ...

Get Learning Android Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning Android Forensics by Rohit Tamma, Donnie Tindall

Manual ADB data extraction

USB debugging

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly