Information Technology Reference
In-Depth Information
The browser2.db file in Oxygen Forensic SQLite Viewer
Analysis of social networking/IM chats
Social networking and IM chat applications such as Facebook, Twitter, and WhatsApp re-
veal sensitive data, which could be helpful during the investigation of any case. The ana-
lysis is pretty much the same as with any other Android application. Download the data to
a forensic workstation and analyze the
.db
files to find out if you can unearth any sensit-
ive information. For example, let's look at the Facebook application and try to see what
data can be extracted. First, we extract the
/data/data/com.facebook.katana
folder and navigate to the
databases
folder. The
fb.db
file present under this folder
contains information which is associated to the user's account. The
friends_data
table contains information about the friend's names along with their phone numbers, e-
mail IDs, and date of birth, as shown in the following screenshot. Similarly, other files can
be analyzed to find out if any sensitive information can be gathered.