Clik here to view.
Finding Geo
Monkey, just keep swimming through the WinPhone data ... ya clown!UPDATE 6OCT2015: Edited FindMyPhone and Multimedia sections + added suspected main Location setting Registry location.A couple of...
View ArticleClik here to view.
Windows Phone 8.10 MMS (for Lumia 530) ...
Now with attachment info! Catch the excitement!We recently noticed that while some commercial forensic tools show Windows Phone 8.10 MMS transaction information (eg Date, Phone number), they do not...
View ArticleClik here to view.
An Initial Peep at Windows 10 Mobile (Lumia 435)
Ooh! Yeah, show me where you keep your store.vol you dirty winphone you!At first glance, the Windows 10 Mobile GUI looks a lot like Windows Phone 8. This post will focus on some key mobile...
View ArticleClik here to view.
The Chimp That Pimps And An Introduction to e.MMC Flash Memory Forensics
Pimpin Ain't Easy?SANS is offering the top 3 referrers to its DFIR Summit 2016 website, an Amazon Echo smart speaker.As of 11 May 2016, this Chimpy McPimpy was number 5 on the list.Chimpy would very...
View ArticleClik here to view.
Panel Beaten Monkey
FYI: A "Panel Beater" = Auto body mechanic in Monkeytown-eseThis Monkey was recently invited to shit himself sit on a SANS DFIR Summit panel discussing Innovation in Mobile Forensics with an All-Star...
View ArticleClik here to view.
A Timestamp Seeking Monkey Dives Into Android Gallery Imgcache
Are you sure?! Those waters look pretty turdy ...UPDATE 4AUG2016: Added video thumbnail imgcache findings and modified version of script for binary timestamps. Did you know that an Android device can...
View ArticleClik here to view.
Google S2 Mapping Scripts
Sorry Monkey - there is just no point to mapping jokes ...Cindy Murphy's recent forensic forays into Pokemon Go (here and here) have inspired further monkey research into the Google S2 Mapping library....
View ArticleClik here to view.
Monkey Plays (LAN) Turtle
OMG! Sooo Turtle-y!The Hak5LAN Turtle recently plodded across our desk so we decided to poke it with a stick and see how effective it is in capturing Windows (7) credentials.From the LAN Turtle...
View ArticleClik here to view.
Monkey Unpacks Some Python
UNPACK-ing Python .. Now with added monkey!Some forensic folks have suggested that a Python tutorial on how to read/print binary data types might be helpful to budding Python programmers in the...
View ArticleClik here to view.
Monkey takes a .heic
The hills are alive ... with the compression of H.265!With iOS 11 and macOS High Sierra (10.13), Apple has introduced a file container format called High Efficiency Image File Format (aka HEIF -...
View ArticleClik here to view.
A Monkey Forays Into USB Flashdrives
What a Feeling Indeed!Recently monkey was tasked with extracting data from a broken USB flash drive that had previously been "repaired" by another party. It still did not work however.The following...
View ArticleClik here to view.
Recovering and Replaying Garmin Voice Instructions
Wait a minute monkey, did you say Carmen or Garmin?We had a damaged Garmin nuvi 56LM GPS unit from which we recovered a text file containing a voice log.It was a bit of an unusual process so we thought...
View ArticleClik here to view.
iOS14 Maps History BLOB Script
Another BLOBBY SQL (Sequel)!A quick post to introduce a new iOS 14 Apple Maps History helper script ...Thanks to Heather Mahalik for sharing her research and for both her and her associate Sahil's...
View ArticleClik here to view.
Monkey Test Drives a Honda Accord
"The red ones go faster!" - original picture sourced from caranddriver.comMonkey recently "test drove" ("test-parsed"?) a data dump from a 2016 Honda Accord (USA).This post will describe that...
View ArticleClik here to view.
Mike & the Monkey Dumpster Dive Into Samsung Gallery3d App Trash
Monkey assists Mike with another dive into the Samsung Gallery3d AppIt all started with a post by Michael Lacombe(iacismikel at gmail.com) on the Physical and RAW Mobile Forensics Google Group in...
View ArticleClik here to view.
Monkey Attempts To Digest Some Google Takeout (DetectedActivitys)
Careful What You Eat, Monkey!One of Monkey's co-workers (Troy) was able to provide investigators with a location of interest by looking at the device owner's Google Takeout "Location...
View Article