In this section, we will go through some basic steps to check for malicious activity on an Android device.
Warning: because of Android's security model and characteristics, it is challenging to do live forensics on an Android system. This section gives some hints on what to check on a potentially compromised device, but the process is less reliable than the Windows or macOS processes.
Here are the tools used in this section:
- snoopdroid, developed by Claudio Guarnieri, to extract data from your phone for further analysis