SlideShare a Scribd company logo
1 of 93
Download to read offline
The state of the art in
iOS Forensics
BELKADAY, 16 MARCH 2021
MATTIA EPIFANI
WHO AM I
• I live and work in Italy
• Master’s Degree in IT in 2002 @ UNIGE
• Founder and CEO @ REALITY NET
• Digital Forensics Analyst
• Contract professor in Digital Forensics @ UNIGE
• SANS Institute Certified Instructor FOR585/FOR500
• Researcher at IGSG – CNR (Italian National Council of
Research)
MOST POPULAR IPHONES 2020
SOURCE: DEVICEATLAS.COM
Mobile iOS VERSION (iPhone)
SOURCE: STATCOUNTER.COM – FEBRUARY 2021
Tablet iOS Version (iPad)
SOURCE: STATCOUNTER.COM – FEBRUARY 2021
iOS Forensics: RULES!
Turned on device
(locked or unlocked)
DON’T TURN IT OFF AND THINK!
Turned off device
LEAVE IT OFF!
4 Scenarios
1. Turned on and unlocked
2. Turned on and locked
3. Turned off with passcode
4. Turned off without passcode
PRESERVATION – Disable network connections
PRESERVATION – Disable Auto-Lock
PRESERVATION – Verify if a lock code is set
PRESERVATION – Verify device type and iOS version
ACQUISITION – Pairing
Establishing
Trust (“pairing”)
with a PC
requires the
passcode!
What if you don’t know the passcode?
1. Take pictures!
2. Search for a lockdown certificate
3. AirDrop?
ACQUISITION – Take Pictures!
I’m not joking ☺
Just take as much pictures of the
screen as possible by browsing
through the various applications!
ACQUISITION – Search for a lockdown
certificate
 Lockdown file name → Device_UDID.plist
 Stored in:
 C:Program DataAppleLockdown Win 7/8/10
 /private/var/db/lockdown Mac OS X
 The certificate can be extracted from the computer and (under certain conditions)
can be used in another computer with some forensic tools or directly with iTunes
 Lockdown certificate can be expired…
 Lockdown certificate can’t be used
 on freshly restarted device
 within some hours since last time user unlocked with the passcode
ACQUISITION – Lockdown certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – AirDrop?
TURNED ON AND UNLOCKED
1. Prevent the device locking!
Don’t press power button e DON’T TURN OFF the
device!
2. Disable network connections
3. Disable “Auto-lock”
4. Verify if a passcode is set
1. If no passcode is set, turn off the device
2. If a passcode is set, don’t turn off the device!
1. Take pictures of the screen by browsing through the various applications
2. Identify the Device UDID and search if a lockdown certificate is available on a
synced PC or Mac and acquire the device as soon as possible
3. Eventually consider using AirDrop, by connecting the phone to a Wi-Fi without Internet
connection
4 Scenarios
1. Turned on and unlocked
2. Turned on and locked
3. Turned off with passcode
4. Turned off without passcode
TURNED ON AND LOCKED
PRESERVATION – Disable network connections
PRESERVATION – Verify Lock/FaceID/TouchID
ACQUISITION – USB Restricted Mode
ACQUISITION – Lockdown certificate
ACQUISITION – iTunes Backup with certificate
ACQUISITION – Identify device type and
OS Version
TURNED ON AND LOCKED
1. Disable network connections
1. Don’t remove the SIM Card!
2. Verify passcode type / FaceID / TouchID
3. Can you unlock with FaceID / TouchID?
4. Is USB Restricted Mode active?
5. Can you find a valid lockdown certificate?
6. Keep it powered on and AFU?
4 Scenarios
1. Turned on and unlocked
2. Turned on and locked
3. Turned off with passcode
4. Turned off without passcode
PRESERVATION – Remove the SIM Card
IDENTIFICATION – Identify the device type
1. Device IMEI
1. In the SIM Tray (iPhone 6s and above)
2. On the back of the device (up to iPhone 6)
2. Device Model
1. In the SIM Tray (iPhone 8 and above)
2. On the back of the device (up to iPhone 7)
CHECKM8
 Checkm8 is a bootrom
exploit discovered and
publicly released by
the Twitter user
“axi0mX” on 27th
September 2019
 iPhone 4s to iPhone X
are vulnerable
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
ACQUISITION – Checkm8 BFU
Passcode Cracking
 Graykey Grayshift
 Cellebrite CAS/Premium
 Elcomsoft iOS Forensic Toolkit
(only iPhone 4/5/5c)
TURNED OFF WITH PASSCODE
1. Can you obtain a BFU acquisition?
2. Can you crack the passcode?
4 Scenarios
1. Turned on and unlocked
2. Turned on and locked
3. Turned off with passcode
4. Turned off without passcode
• Checkm8-based Full File System
iPhone 5s/6/6+/6s/6s+/7/7+/8/8+/X
• iTunes Backup
• Apple File Conduit (AFC)
• Crash Logs and Sysdiagnose
• Agent Based Acquisition
• Jailbreak
iPhone XR/XS/XS Max/11/11 Pro/11 Pro Max
SE(2020)/12/12 Mini/12 Pro /12 Pro Max
Acquisition Techniques
ACQUISITION – AFC
ACQUISITION – AFC
ACQUISITION – AFC
ACQUISITION – Crash Logs
ACQUISITION – Crash Logs
ACQUISITION – Crash Logs
Using Apple “Bug Reporting” for Forensic Purposes
https://www.for585.com/sysdiagnose
https://github.com/cheeky4n6monkey/iOS_sysdiagnose_forensic_scripts
ACQUISITION – Agent backup
ACQUISITION – Agent backup
ACQUISITION – Agent backup
ACQUISITION – Agent backup
ACQUISITION – Agent backup
ACQUISITION – Agent backup
ACQUISITION – unc0ver Jailbreak
ACQUISITION – unc0ver Jailbreak
ACQUISITION – Jailbroken Device
ACQUISITION – Jailbroken Device
ACQUISITION – Jailbroken Device
ACQUISITION – Jailbroken Device
ACQUISITION – Jailbroken Device
ACQUISITION – Jailbroken Device
ACQUISITION – Jailbroken Device
TURNED OFF WITHOUT PASSCODE
1. Is the device checkm8-compatible?
2. If Yes, obtain a full file system with checkm8
3. If No
1. Obtain an iTunes backup [check encryption]
2. Obtain an AFC acquisition
3. (Eventually) Generate a sysdiagnose
4. Extract CrashLogs (and sysdiagnose)
5. Is the device compatible for a full file system
agent based extraction?
6. Is the device compatible with a jailbreak?
WHERE TO GO WHEN YOU ARE
LOCKED OUT?
• Local backup stored on user’s computer
• Windows
• Users<username>AppDataRoamingMobileSyncBackup
• Users<username>AppleMobileSyncBackup
• Mac
• /Users/[USERNAME]/Library/Application Support/MobileSync/Backup
• Other data stored on user’s computer
• Crash Logs
• C:ProgramDataAppleComputeriTunesiPodDevices.xml
• iCloud
• Synced devices (Apple Watch / Apple TV)
• Apple Support (Only LE)
ACQUISITION – iCloud
Data analysis
1. iOS configuration and logs
2. Native applications
3. Third party applications
SANS FOR585 Smartphone Poster
https://digital-forensics.sans.org/media/DFIR_FOR585_Digital_Poster.pdf
System Files
System Files
System Files
Data analysis
1. iOS configuration and logs
2. Native applications
3. Third party applications
Native Applications
Native Applications
Data analysis
1. iOS configuration and logs
2. Native applications
3. Third party applications
Third Party Applications
https://www.sans.org/security-resources/posters/dfir/ios-third-party-apps-forensics-reference-guide-poster-300
Third Party Applications
Third Party Applications
Third Party Applications
https://www.sans.org/webcasts/ios-third-party-apps-analysis-reference-guide-poster-117244
CONTACTS
Mattia Epifani
mattia.epifani@realitynet.it
@mattiaep

More Related Content

What's hot

BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)Reality Net System Solutions
 
Snort IPS(Intrusion Prevention System) Eğitimi
Snort IPS(Intrusion Prevention System) EğitimiSnort IPS(Intrusion Prevention System) Eğitimi
Snort IPS(Intrusion Prevention System) EğitimiBGA Cyber Security
 
Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly
Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly
Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly Sam Bowne
 
Windows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary ArtefactsWindows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary ArtefactsBrent Muir
 
Malware forensic
Malware forensicMalware forensic
Malware forensicSumeraHangi
 
Ch 2: TCP/IP Concepts Review
Ch 2: TCP/IP Concepts ReviewCh 2: TCP/IP Concepts Review
Ch 2: TCP/IP Concepts ReviewSam Bowne
 
Linux Yaz Kampı 2017 GNU/Linux Eğitim Dökümanı
Linux Yaz Kampı 2017 GNU/Linux Eğitim DökümanıLinux Yaz Kampı 2017 GNU/Linux Eğitim Dökümanı
Linux Yaz Kampı 2017 GNU/Linux Eğitim Dökümanıİbrahim UÇAR
 
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...Opersys inc.
 
Temel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve KomutlarıTemel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve KomutlarıAhmet Gürel
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 

What's hot (20)

BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)
 
Sigma and YARA Rules
Sigma and YARA RulesSigma and YARA Rules
Sigma and YARA Rules
 
Wireshark
WiresharkWireshark
Wireshark
 
Snort IPS(Intrusion Prevention System) Eğitimi
Snort IPS(Intrusion Prevention System) EğitimiSnort IPS(Intrusion Prevention System) Eğitimi
Snort IPS(Intrusion Prevention System) Eğitimi
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Hping, TCP/IP Paket Üretici
Hping, TCP/IP Paket ÜreticiHping, TCP/IP Paket Üretici
Hping, TCP/IP Paket Üretici
 
BTRisk Adli Bilişim Eğitimi Sunumu
BTRisk Adli Bilişim Eğitimi SunumuBTRisk Adli Bilişim Eğitimi Sunumu
BTRisk Adli Bilişim Eğitimi Sunumu
 
Snort
SnortSnort
Snort
 
Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly
Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly
Practical Malware Analysis: Ch 4 A Crash Course in x86 Disassembly
 
Windows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary ArtefactsWindows 10 Forensics: OS Evidentiary Artefacts
Windows 10 Forensics: OS Evidentiary Artefacts
 
Malware forensic
Malware forensicMalware forensic
Malware forensic
 
Ch 2: TCP/IP Concepts Review
Ch 2: TCP/IP Concepts ReviewCh 2: TCP/IP Concepts Review
Ch 2: TCP/IP Concepts Review
 
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 1
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 1BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 1
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 1
 
Windows forensic
Windows forensicWindows forensic
Windows forensic
 
Linux Yaz Kampı 2017 GNU/Linux Eğitim Dökümanı
Linux Yaz Kampı 2017 GNU/Linux Eğitim DökümanıLinux Yaz Kampı 2017 GNU/Linux Eğitim Dökümanı
Linux Yaz Kampı 2017 GNU/Linux Eğitim Dökümanı
 
iOS Forensics
iOS Forensics iOS Forensics
iOS Forensics
 
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
 
Temel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve KomutlarıTemel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve Komutları
 
N map presentation
N map presentationN map presentation
N map presentation
 

Similar to The state of the art in iOS Forensics

Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 
iOS Forensics: where are we now and what are we missing?
iOS Forensics: where are we now and what are we missing?iOS Forensics: where are we now and what are we missing?
iOS Forensics: where are we now and what are we missing?Reality Net System Solutions
 
Module5 desktop-laptop-security-b
Module5 desktop-laptop-security-bModule5 desktop-laptop-security-b
Module5 desktop-laptop-security-bBbAOC
 
A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)
A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)
A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)FFRI, Inc.
 
iPhone and iPad Security
iPhone and iPad SecurityiPhone and iPad Security
iPhone and iPad SecuritySimon Guest
 
Penetration testing of i phone-ipad applications
Penetration testing of i phone-ipad applicationsPenetration testing of i phone-ipad applications
Penetration testing of i phone-ipad applicationsshehab najjar
 
200:1 - Do You Trust Your Mobile Security Odds?
200:1 - Do You Trust Your Mobile Security Odds? 200:1 - Do You Trust Your Mobile Security Odds?
200:1 - Do You Trust Your Mobile Security Odds? Blueboxer2014
 
Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016)
Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016) Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016)
Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016) FFRI, Inc.
 
Security Checklist: how iOS can help protecting your data.
Security Checklist: how iOS can help protecting your data.Security Checklist: how iOS can help protecting your data.
Security Checklist: how iOS can help protecting your data.Tomek Cejner
 
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3miOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3mPrem Kumar (OSCP)
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetBrent Muir
 
10 Things to help you be less dump at computers
10 Things to help you be less dump at computers10 Things to help you be less dump at computers
10 Things to help you be less dump at computersEric Fickes
 
[CB16] BLE authentication design challenges on smartphone controlled IoT devi...
[CB16] BLE authentication design challenges on smartphone controlled IoT devi...[CB16] BLE authentication design challenges on smartphone controlled IoT devi...
[CB16] BLE authentication design challenges on smartphone controlled IoT devi...CODE BLUE
 
Secure Your Mobile Apps
Secure Your Mobile AppsSecure Your Mobile Apps
Secure Your Mobile Appsprimomh
 
Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]
Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]
Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]RootedCON
 
SIM Portland IOT - Sandhi Bhide - (09-14-2016)
SIM Portland IOT - Sandhi Bhide - (09-14-2016)SIM Portland IOT - Sandhi Bhide - (09-14-2016)
SIM Portland IOT - Sandhi Bhide - (09-14-2016)sandhibhide
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesTom Eston
 

Similar to The state of the art in iOS Forensics (20)

Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
 
iOS Forensics: where are we now and what are we missing?
iOS Forensics: where are we now and what are we missing?iOS Forensics: where are we now and what are we missing?
iOS Forensics: where are we now and what are we missing?
 
Module5 desktop-laptop-security-b
Module5 desktop-laptop-security-bModule5 desktop-laptop-security-b
Module5 desktop-laptop-security-b
 
A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)
A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)
A Survey of Threats in OS X and iOS(FFRI Monthly Research 201507)
 
iPhone and iPad Security
iPhone and iPad SecurityiPhone and iPad Security
iPhone and iPad Security
 
Penetration testing of i phone-ipad applications
Penetration testing of i phone-ipad applicationsPenetration testing of i phone-ipad applications
Penetration testing of i phone-ipad applications
 
200:1 - Do You Trust Your Mobile Security Odds?
200:1 - Do You Trust Your Mobile Security Odds? 200:1 - Do You Trust Your Mobile Security Odds?
200:1 - Do You Trust Your Mobile Security Odds?
 
Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016)
Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016) Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016)
Black Hat Europe 2016 Survey Report (FFRI Monthly Research Dec 2016)
 
Camcalt user manual
Camcalt user manualCamcalt user manual
Camcalt user manual
 
Security Checklist: how iOS can help protecting your data.
Security Checklist: how iOS can help protecting your data.Security Checklist: how iOS can help protecting your data.
Security Checklist: how iOS can help protecting your data.
 
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3miOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3m
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
 
ppt2 (1).pptx
ppt2 (1).pptxppt2 (1).pptx
ppt2 (1).pptx
 
10 Things to help you be less dump at computers
10 Things to help you be less dump at computers10 Things to help you be less dump at computers
10 Things to help you be less dump at computers
 
[CB16] BLE authentication design challenges on smartphone controlled IoT devi...
[CB16] BLE authentication design challenges on smartphone controlled IoT devi...[CB16] BLE authentication design challenges on smartphone controlled IoT devi...
[CB16] BLE authentication design challenges on smartphone controlled IoT devi...
 
Secure Your Mobile Apps
Secure Your Mobile AppsSecure Your Mobile Apps
Secure Your Mobile Apps
 
Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]
Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]
Raul Siles - iOS: Regreso al futuro [Rooted CON 2014]
 
SIM Portland IOT - Sandhi Bhide - (09-14-2016)
SIM Portland IOT - Sandhi Bhide - (09-14-2016)SIM Portland IOT - Sandhi Bhide - (09-14-2016)
SIM Portland IOT - Sandhi Bhide - (09-14-2016)
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
 

More from Reality Net System Solutions (11)

Forensic Analysis of the Raspberry PI 400
Forensic Analysis of the Raspberry PI 400Forensic Analysis of the Raspberry PI 400
Forensic Analysis of the Raspberry PI 400
 
iOS Forensics a costo zero
iOS Forensics a costo zeroiOS Forensics a costo zero
iOS Forensics a costo zero
 
(in)Secure Secret Zone
(in)Secure Secret Zone(in)Secure Secret Zone
(in)Secure Secret Zone
 
Forensicating the Apple TV
Forensicating the Apple TVForensicating the Apple TV
Forensicating the Apple TV
 
Acquisizione forense di dispositivi iOS
Acquisizione forense di dispositivi iOSAcquisizione forense di dispositivi iOS
Acquisizione forense di dispositivi iOS
 
Life on Clouds: a forensics overview
Life on Clouds: a forensics overviewLife on Clouds: a forensics overview
Life on Clouds: a forensics overview
 
Study and analysis of Orweb anonymizer on Android Devices
Study and analysis of Orweb anonymizer on Android DevicesStudy and analysis of Orweb anonymizer on Android Devices
Study and analysis of Orweb anonymizer on Android Devices
 
Discovering Windows Phone 8 Artifacts and Secrets
Discovering Windows Phone 8 Artifacts and Secrets Discovering Windows Phone 8 Artifacts and Secrets
Discovering Windows Phone 8 Artifacts and Secrets
 
ReVaulting! Decryption and opportunities
ReVaulting! Decryption and opportunitiesReVaulting! Decryption and opportunities
ReVaulting! Decryption and opportunities
 
Dammi il tuo iPhone e ti dirò chi sei (Forse)
Dammi il tuo iPhone e ti dirò chi sei (Forse)Dammi il tuo iPhone e ti dirò chi sei (Forse)
Dammi il tuo iPhone e ti dirò chi sei (Forse)
 
Tor Browser Forensics on Windows OS
Tor Browser Forensics on Windows OSTor Browser Forensics on Windows OS
Tor Browser Forensics on Windows OS
 

Recently uploaded

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

The state of the art in iOS Forensics