FAMA: Forensic Analysis for Mobile Apps


Android export and analysis box with built-in Autopsy module. Easily discard user data from a device and generate strong autopsy reports or external applications.

Characteristics

  • Export user application data from an Android device with ADB (root and ADB required).
  • Discard user data from an Android image or a mounted path.
  • Easily create sections for a specific Android application.
  • Create clear and legible JSON reports.
  • Full built-in auto analysis compatibility (data source processor module, absorption module, reference unit, geographical location, communication and schedule support).
  • Export HTML report based on the current case.

Prerequisites

Use

Scropt can be used directly in the terminal or as a module in Autopsy.

At the terminal

usage: start.py [-h] [-d DUMP [DUMP ...]] [-p PATH] [-o OUTPUT] [-a] app Forensics Artefacts Analyzer positional arguments: app Application or package to be analyzed  or 


optional arguments: -h, --help show this help message and exit -d DUMP [DUMP ...], --dump DUMP [DUMP ...] Analyze specific (s) dump (s) <20200307_215555 ...> -p PATH, --path PATH Dump app data in path (mount or folder structure) -o OUTPUT, --output OUTPUT Report output path folder -a, --adb Dump app data directly from device with ADB -H, - html Generate HTML report

At Autopsy

  1. Download repository contents (zip).
  2. Autopsy -> Tools -> Python Plugins
  3. Unzip the previously downloaded zip in the folder python_modules.
  4. Restart Autopsy, create a case, and select a module.
  5. Set your module options in the Ingest Module window selector.
  6. Click 'Create Report' to create an HTML report.

Tested on

  • Windows (primary)
  • Linux
  • Mac OS

Application snapshots

 

You can download the program from here..


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news