What's New at DFIR Training

June 20, 2020. Regularly updated, never outdone, check out the latest additions to keep up on your DFIR training! Website updates. DFIR Subcontractor listings, Forensic Artifacts and more.


iLEAPP


DFIR Tools

License Type: Free
Mobile Device Forensics
Analysis
iOS Logs, Events, And Preferences Parser
 Details in blog post here: https://abrignoni.blogspot.com/2019/12/ileapp-ios-logs-events-and-properties.html

Supports iOS 11, 12 & 13. Select parsing directly from a compressed .tar/.zip file or a decompressed directory.

Prerequisites:
 Python 3.7+
 pip install six
 pip install PySimpleGUI

Parses:
 Mobile Installation Logs
 iOS 11, 12 & 13 Notifications
 Build Info (iOS version, etc.)
 Wireless cellular service info (IMEI, number, etc.)
 Screen icons list by screen and in grid order.
 ApplicationState.db support for app bundle ID to data container GUID correlation.
 User and computer names that the iOS device connected to. Function updated by Jack Farley (@JackFarley248, http://farleyforensics.com/).
 KnowledgeC + Powerlog artifacts. And many, many more...

Usage: ileapp.py [-h] -o {fs,tar,zip} pathtodir
 iLEAPP: iOS Logs, Events, and Preferences Parser.

positional arguments:
 pathtodir     Path to directory

optional arguments:
 -h, --help    show this help message and exit
 -o {fs,tar}   Directory path or TAR filename and path(required).

Graphical user interface:
 Usage: ileappGUI.py
 No parameter needed.
