Wednesday, October 18, 2023

New iOS Geolocation Artifacts, iOS Location Shenanigans, Time Zones, Do You Realm?, and The Meme Of The Week!

Ever wondered how to make the most of data analysis tools like iOS Spotlight Store DB and Realm Databases? We're here to share our experiences, tips, and favorite resources to help you elevate your data extraction skills. Join us as we discuss the amazing work of Yogesh Khatri, the creator of a game-changing parser, and as we guide you through the vast world of data extraction and analysis techniques.

We begin our journey with iOS Spotlight Store DB, revealing the treasures hidden within and how to use Yogesh's parser to uncover its secrets. We then navigate through Realm Databases, sharing our encounters with data stores and tools for parsing extracted data. We also share our personal workflow process, granting you a peek into our data analysis strategies. But we're not done yet. Our adventure takes a detour towards Google Maps Geolocation Artifacts, where we highlight the amazing work of The Binary Hick and his research into the audio files and geolocation points related to navigation.

Finally, we explore the nuanced art of analyzing timestamps and locations in images, revealing a fascinating intersection of data and intent. We share how we use Python scripts, manual offsets, and more to make data time-zone aware. Wrapping up our discussion, we emphasize the importance of research in data analysis and the role of code in automation. So, buckle up for a thrilling ride into the mesmerizing world of data extraction and analysis. You'll come out the other side armed with fresh insights and new tools at your disposal.

Notes:

iOS Spotlight store.db:

https://github.com/ydkhatri/spotlight_parser

Realm Databases:

https://www.mongodb.com/docs/realm/studio/

The Binary Hick - Finding Phones with Google Maps:

https://thebinaryhick.blog/2023/10/17/finding-phones-with-google-maps-part-1-android/

iOS Media Adjustments:

https://www.doubleblak.com/blogPosts.php?id=23

Thursday, October 5, 2023

FTK Mobile, Cellphone Forensics Tool Comparisons, and New Open Source Artifacts. Competition is Heating Up in the Mobile Forensics Space.

Ready for the breakdown of the newest player in the mobile forensics field, FTK 8? This latest release includes a facelift, enhanced mobile support, and a plethora of supportive features for mobile devices. From app-specific mobile artifacts like Discord, Facebook, Kik, Snapchat, and WhatsApp to calls, conversations, contacts, MMS, and SMS, FTK 8 is geared up. Plus, its Smart View tab provides new mini and super timeline features as well as enhancements to its multimedia view.

Our chat extends beyond the merits of FTK 8 to the realm of portable cases and the case review aspect of all digital forensic tools. Uncover how the right network setup can boost review speed and why understanding the limitations of portable cases is crucial for examiners and stakeholders alike. We also discuss how focusing on artifact-based reviews can enhance efficiency. But that's not it! We also delve into the importance of data validation and why a user-friendly interface is key for people reviewing and examining cases.

Interested in hearing about comparative analysis? Tune in for an in-depth discussion about comparing the capabilities of one forensic tool to another and the possible outcomes of such a competitive assessment.

New to iLEAPP? We've got you covered! Together, we unearth new artifacts like the last car connection and voicemail artifacts, even recently deleted (trashed) voicemail - critical elements that will revolutionize your review process. Understanding the significance of analyzing torrent data encoded in Bencode, linking media on a device to files used to acquire that media, is another key takeaway from our conversation. To wrap things up, we express our heartfelt gratitude to you, our listeners, and thank you for joining us on this fascinating journey into the world of digital forensics.

Notes:

FTK 8

https://www.exterro.com/ftk-8-0

iOS 15 Image Forensics Analysis and Tools Comparison Project

https://blog.digital-forensics.it/2023/09/ios-15-image-forensics-analysis-and.html

LEAPPS

https://github.com/abrignoni