AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

No Image Available

SQLite Forensics

 Author: Paul Sanderson  Publisher: Independently published  Published: 12 May, 2018  ISBN: 1980293074  ISBN: 978-1980293071  Pages: 315  Language: English  Dimension: 19.05 x 1.8 x 23.5 cm  Item Weight: 685 g  Edition: 1st  Buy Now

SQLite is a self-contained SQL database engine that is used on every smartphone (including all iOS and Android devices) and most computers (including all Macs and Windows 10 machines). Each computer or phone using SQLite often has hundreds of SQLite databases and it is estimated that there are over one trillion SQLite databases in active use. Given the above, the importance of examining all of the data held in these databases in an investigation is paramount, and of course this includes examining deleted data whenever possible. In this book we cover the format of the SQLite database, and associated journal and Write-Ahead Logs (WAL) in great detail. We show how records are encoded, how to decode them manually and how to decode records that are partially overwritten. We also describe how the workings of SQLite, and in particular the journal and WAL, can be used to ascertain what has happened in a manner that cannot be determined from the data alone. We cover basic SQL queries and how they can be used to create a custom report that includes data from different tables, and we show how we can use SQL queries to test hypothesises about the relationships of data in different tables.This book is aimed mainly at forensic practitioners, and it is assumed that the reader has some basic knowledge of computer forensics; it will also be of interest to computer professionals in general particularly those who have an interest in the SQLite file format.

Other Books From -

No Image Available EZ Tools Manuals Eric Zimmerman and Andrew Rathbun
No Image Available Applied Incident Response Computers Steve Anson
No Image Available Crafting the InfoSec Playbook Jeff Bollinger, Brandon Enright, & Matthew Valites
No Image Available Incident Response Techniques for Ransomware Attacks Computer security, Computers Oleg Skulkin
No Image Available The Art of Cyberwarfare Computers Jon DiMaggio
No Image Available Linux Field Manual (LFM) Computers Tim Bryant
No Image Available Blue Team Field Manual (BTFM) Computers Alan White
No Image Available Red Team Field Manual (RTFM) Computer security Ben Clark

Other Books By - Paul Sanderson

No Books Available!