iPhone

Authors: Andrew Hoog (GCFA,CCE) and Katie Strzempka Released: November 2010

Independent Research and Reviews of iPhone Forensic Tools

This white paper is intended for forensic analysts, corporations and consumers who want to understand what personal information is stored on the iPhone and how to recover it. The research reveals the vast amount of personal information stored on Apple’s iPhone and reviews techniques and software for retrieving this information. For questions about our research or our services, please contact us.

Note: viaForensics is independent and is not compensated in any way by the makers of the software reviewed in this white paper.

  1. About this white paper
  2. iPhone Forensics Overview and Techniques
  3. Cellebrite UFED
  4. FTS iXAM
  5. Oxygen Forensic Suite 2010 PRO
  6. Micro Systemation XRY
  7. Lantern
  8. MacLock Pick
  9. Black Bag Technology Mobilyze
  10. Zdziarski Technique
  11. Paraben Device Seizure
  12. Mobile Sync Browser
  13. CellDEK
  14. EnCase Neutrino
  15. iPhone Analyzer
  16. Overall Rankings
  17. Report Conclusions
11-11-10
About
Chapter 1: About this White Paper About the Authors Mobile Forensics About viaForensics Our Philosophy 1.1 About the Authors Andrew ...

About

Chapter 1: About this White Paper About the Authors Mobile Forensics About viaForensics Our Philosophy 1.1 About the Authors Andrew Hoog is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language) and founder of viaForensics. As Chief Investigative Officer, he divides his energies between hands-on… read more

11-11-10
Overview and Techniques
Chapter 2. iPhone Forensics Overview and Techniques Introduction iPhone Technical Overview iPhone Forensic Analysis Physical vs. ...

Overview and Techniques

Chapter 2. iPhone Forensics Overview and Techniques Introduction iPhone Technical Overview iPhone Forensic Analysis Physical vs. Logical tools Introduction The iPhone was introduced on January, 2007 and as of 2009, took 3rd place in smart phone sales. As of April 2010, over 50 million iPhones have been sold. And Apple is extending the iPhone operating system (iOS)… read more

11-11-10
Cellebrite UFED
Chapter 3. Cellebrite UFED Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from ...

Cellebrite UFED

Chapter 3. Cellebrite UFED Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company Information) The CelleBrite UFED is a standalone self contained Fast reliable system that provides data extraction of content stored in mobile phones. It can quickly extract critical evidence from over 2,500* verified up-to date supported Mobile Devices i.e…. read more

11-11-10
FTS iXAM
Chapter 4: FTS iXAM Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company ...

FTS iXAM

Chapter 4: FTS iXAM Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company Information) Zero-Footprint Forensic Acquisition for Apple iPhone™ and iPod Touch™ iXAM® is able to provide comprehensive, non-invasive data recovery from the Apple iPhone™ and iPod Touch™. iXAM® is proven to deliver a range of information potentially vital… read more

11-11-10
Oxygen Forensic Suite
Chapter 5: Oxygen Forensic Suite 2010 PRO Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions ...

Oxygen Forensic Suite

Chapter 5: Oxygen Forensic Suite 2010 PRO Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company Information) Oxygen Forensic Suite 2010 is mobile forensic software that goes beyond standard logical analysis of cell phones, smartphones and PDAs. Use of advanced proprietary protocols and phone APIs makes it possible to pull much more… read more

11-11-10
Micro Systemation XRY
Chapter 6: Micro Systemation XRY Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary ...

Micro Systemation XRY

Chapter 6: Micro Systemation XRY Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company Information) XRY is a dedicated mobile device forensic tool developed by Micro Systemation (MSAB) based in Stockholm. XRY has been available since 2002 and ‘XRY Complete’ is a package containing both software and hardware to allow… read more

11-11-10
Lantern
Chapter 7. Lantern Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company ...

Lantern

Chapter 7. Lantern Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company Information) Katana Forensics’ goal is to design affordable, intuitive tools for extracting data and artifacts from Smartphone devices without altering the evidence. Katana Forensics is a US-based company with an extensive background in law enforcement and computer forensics. Unlike similar… read more

11-11-10
MacLock Pick
Chapter 8: MacLock Pick Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from ...

MacLock Pick

Chapter 8: MacLock Pick Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from company information) MacLockPick II (MLP) by SubRosaSoft (makers of MacForensicLab) takes a unique approach to forensic acquisition. The goal of MLP is to provide a cross platform forensic solution that performs a live acquisition of a suspect machine… read more

11-11-10
Black Bag Technology Mobilyze
Chapter 9: Black Bag Technology Mobilyze Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions ...

Black Bag Technology Mobilyze

Chapter 9: Black Bag Technology Mobilyze Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from Company Information) Mobilyze was specifically designed to forensically analyze iPhone, iPod Touch and iPad devices. It runs natively in Mac OS X, offering examiners the most comprehensive means of accessing the most relevant data from heavily… read more

11-11-10
Zdziarski
Chapter 10: Zdziarski Technique Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary ...

Zdziarski

Chapter 10: Zdziarski Technique Summary Installation Forensic Acquisition Results and Reporting Matrix of Results Conclusions Summary (from company material) Jonathan Zdziarski is a former Research Scientist for McAfee, Inc., and well known outside of work in the iPhone community as “NerveGas”, who has contributed significantly to research into the iPhone and iPod touch. He has… read more

Join Our Team

View Openings