High Technology Crime Investigation Association
Prev MonthPrev Month Next MonthNext Month
NY Metro Chapter - Mobile Day
NY Law School
185 W Broadway
New York, NY 10013
USA
Friday, February 21, 2020, 11:00 AM - 4:15 PM EDT
Category: Chapter Meeting

Welcome to 2020! We are excited to have you as part of our membership. I think membership in our chapter is a fun and educational journey and looking forward to our first 2020 meeting in NY. We have an incredible group of chapter officers working hard on training events, like Mobile Day Feb 21, MAC attack in June and many more.

As announced our first meeting “Mobile Day” will be February 21st and it will be all about mobile forensics.

Agenda:

1130– Noon  Lunch and Registration

Noon – 1245    Ronen Engler & Eric Olson of Cellebrite “Checkm8 and Checkra1n – Full file system extractions for iOS devices”

1250 – 1335     Greg Masterson of MSAB “Evolving Cases”

1340 – 1425    Alexis Brignoni of Initialization Vectors “Mobile Mojo: Know more, solve More”

1430 – 1515     Tarah Melton of Magnet Forensics “Android App Analysis”

1530 – 1615    Panel “Forensic Implications of Jailbreaking” Featuring Trey Amick, Alexis Brignoni, Heather Mahalik, and Dr. Bradley Schatz; moderated by Jessica Hyde


Each presentation is a total of 45 min inclusive of Q&A (40 min talk 5 min Q&A).  There is a 5 minute break between presentations and a 15 minute break to set up for the panel.  We will provide a visual at 10 minutes total left (5 min till Q&A) and then at 5 min mark for Q&A. During the Q&A, we will signal when there is 1 min left to either take a final question or wrap up the existing answer being delivered.

 

Ronen Engler is a Sr. Manager of Technology & Innovation, and Eric Olson is a Solutions Engineer at Cellebrite

  • ‘Checkm8 and Checkra1n – Full file system extractions for iOS devices’
    • Differences between checkm8 and checkr1n
    • The importance of full file system extractions
    • How to perform a full filesystem extraction
    • What is extracted in a Method 1 and Method 2 extraction vs full file system

 

Greg Masterson joined MSAB in 2018 as a technical sales engineer after a 25-year career as a law enforcement officer in his native New Jersey.  Greg led the High Tech Crime Unit of the Union County Prosecutor’s office, where he was responsible for implementing many improvements to the team’s training processes, digital forensics expertise and scope of work. He also served as a frontline police officer, a detective and member of the Union County High Technology Task Force.  As a technical sales engineer, Greg works with MSAB customer organizations to improve the effectiveness of their mobile forensic operations and their overall investigative efficiency.


Alexis Brignoni is a Special Agent with the FBI in the Tampa Division, Orlando Resident Agency Office.
 

  • Mobile Mojo: Know more, Solve more
  • There are over 4 million mobile apps available between the two largest smartphone app stores. Our tools by themselves can only scratch the surface. What can be done How can we best leverage our tools and grow our practice in order to obtain as much as we can from our examinations? In this presentation the practitioner will learn how to:
    • Identify data stores of interest
    • Use structure query language to extract and interpret the data
    • Manage JSON formatted data inside and outside of SQLite databases
    • Use apps as viewers and parsers of targeted data through the use of virtual environments
    • Set up manual examination when extraction and parsing is not possible
    • Usage of the iOS Logs, Events, And Properties Parser (iLEAPP) python 3 framework for advanced iPhone digital forensics.

Tarah Melton, GCFA, GREM, Forensics Consultant at Magnet Forensics

  • Android App Analysis

    • With the millions of applications available to users on Android devices, it becomes impossible for commercial tools to be able to parse and support them all. This makes it critical to understand how applications are stored on these devices and where to find that important data that could be vital to your case. Join us as we walk through the basics of Android applications, with additional detail given to digging into SQLite database files where much of that application data is stored. See how enhanced features found in Magnet AXIOM, such as the Dynamic App Finder and our built-in SQLite Viewer, can help you review and report on the application data in your case quickly and efficiently. Then with the free tool, the Magnet App Simulator, see how to view and interact with Android application data in a virtual environment.

 

 

We would love to see many of you on Mobile Day!

To register, click here


If you have any questions, please let us know.

Respectfully, Your HTCIA 2020 Chapter Board!

President, Warren Kruse
1st Vice President, Jessica Hyde
2nd Vice President, Bill Moylan
Secretary, Emmah Padilla
Treasurer, George Wade


Contact: Emmah Padilla, Secretary NY Metro HTCIA