This book is aimed mainly at forensic practitioners, and it is assumed that the reader has some basic knowledge of computer forensics it will also be of interest to computer professionals in general particularly those who have an interest in the SQLite file format.īy clicking the button below, you will be taken to the SQlite Forensics book listing on Amazon. We cover basic SQL queries and how they can be used to create a custom report that includes data from different tables, and we show how we can use SQL queries to test hypothesizes about the relationships of data in different tables. We also describe how the workings of SQLite, and in particular the journal and WAL, can be used to ascertain what has happened in a manner that cannot be determined from the data alone. It is important to have a broad knowledge of the platform used and the SQLite files used to store data, throughout the investigation process. 2013 Forensic Analysis of WhatsApp on Android. We show how records are encoded, how to decode them manually and how to decode records that are partially overwritten. and valuable data can be found on Android phones by forensic investigators. In this book, we cover the format of the SQLite database and associated journal and Write-Ahead Logs (WAL) in great detail. Given the above, the importance of examining all of the data held in these databases in an investigation is paramount, and of course, this includes examining deleted data whenever possible. Each computer or phone using SQLite often has hundreds of SQLite databases and it is estimated that there are over one trillion SQLite databases in active use. SQLite is a self-contained SQL database engine that is used on every smartphone (including all iOS and Android devices) and most computers (including all Macs and Windows 10 machines). Written by Paul Sanderson, one of the industries leading experts on SQLite Forensics.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |