IOS FORENSICS WITH OPEN-SOURCE TOOLS presented at blackhatsummer 2014

by Andrey Belenko,

Summary : This workshop is for attendees who want to become familiar with current state-of-the-art techniques in iOS forensics. The focus will be on data extraction and we will try to limit ourselves to open-source or freely available tools. Both jail broken and non-jail broken devices will be covered.
I will walk you through all required theoretical background and we will then run the hands-on exercises.
Introduction to digital forensics
Introduction to iOS security
How iOS data protection works?
How passcode works?
Various acquisition methods, their pros and cons
Logical
Filesystem
Physical
NAND
Making sense of acquired data
iCloud rorensics
It will help if you bring a laptop running OS X and an iOS device running anything prior to iOS 8.