iOS Forensics: Using iLEAPP
What is iOS Forensics
To understand iOS forensics, we should first ask: what is forensics? Digital forensics is the collection of digital evidence through the process of identifying, collecting, examining, and analyzing data. See the NIST glossary entry for "digital forensics" for more information. Digital forensics is the parent discipline and mobile forensics is its child; mobile forensics focuses on collecting evidence from mobile devices such as smartphones, tablets, e-readers, and even fitness trackers.
Digital Forensics > Mobile Forensics > iOS Forensics.
What is iLEAPP
To pull digital evidence from a mobile device, we need a tool that can extract and/or examine that evidence. My choice was iLEAPP. iLEAPP is an iOS log parser/forensics tool created by Alexis Brignoni. For more information about iLEAPP, check out Brignoni's blog.
Installing iLEAPP
So, after struggling and trying to install all the packages individually (when the line that 13Cubed gave me wasn't working for me for some reason), I finally managed to open the GUI!
Here is a list of requirements:
Seeing the iOS Logs
On the home page, we can see that the device's details have been parsed, including information such as the device's name and the model type. As you look through the different logs, you can see all sorts of information.
Penetration Tester / Application Security
1 year ago
Fantastic post! Just curious, why did you choose this tool vs. the others? Full disclosure, I know nothing about forensics but am always curious as to why a certain tool is chosen over the others.