Chapter 5. Extracting Data Physically from Android Devices

This chapter will be covering physical data extraction using free and open source tools wherever possible. The majority of the material covered in this chapter will use the ADB methods previously discussed in this book. By the end of this chapter, the reader should be familiar with the following concepts:

What physical extraction means
What data to expect from physical extractions
Physical data extractions using the dd and nanddump commands
RAM imaging and analysis
SD card acquisitions
JTAG and chip-off methods

Physical extraction overview

In digital forensics, a physical extraction is an exact bit-for-bit image of the electronic media, and this definition remains true for mobile devices too. ...

Get Learning Android Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning Android Forensics by Rohit Tamma, Donnie Tindall

Chapter 5. Extracting Data Physically from Android Devices

Physical extraction overview

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly