Difference between pages "Blackberry Forensics" and "GRR"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Blackberry Simulator)
 
(Workshops)
 
Line 1: Line 1:
== Acquiring BlackBerry Backup File (.ipd) ==
+
{{Infobox_Software |
 +
  name = Rekall |
 +
  maintainer = [[Darren Bilby]] and others |
 +
  os = {{Cross-platform}} |
 +
  genre = {{Incident response}} |
 +
  license = {{APL}} |
 +
  website = [https://code.google.com/p/grr/ code.google.com/p/grr/] |
 +
}}
  
1. Open Blackberry’s Desktop Manager<br/>
+
GRR is an Incident Response Framework focused on Remote Live Forensics.
2. Click “Options” then “Connection Settings” <br/>
+
[[Image:4.JPG]]<br/>
+
4. Select “USB-PIN: 2016CC12” for connection<br/>
+
[[Image:1.JPG]]<br/>
+
5. Click “Detect”, then it should show a dialog box saying it found the device<br/>
+
6.      Click "OK" to return to the main menu<br/>
+
7. Double click “Backup and Restore”<br/>
+
[[Image:2.JPG]]  <br/>
+
8. Save the .ipd file<br/>
+
[[Image:3.JPG]]<br/>
+
  
== Opening Blackberry Backup Files (.ipd) ==
+
= See also =
1. Purchase Amber BlackBerry Converter from [http://www.processtext.com/abcblackberry.html]
+
* [[rekall]]
<br>Or
+
<br>Download Trial Version
+
<br><br>2. Use File | Open and point the program to the BlackBerry backup file (.ipd).
+
<br><br>3. Navigate to the appropriate content by using the navigator icons on the left.
+
  
== Blackberry Simulator ==
+
= External Links =
 +
* [https://code.google.com/p/grr/ Project site]
 +
* [https://code.google.com/p/grr/wiki/ProjectFAQ Project FAQ]
 +
* [http://grr.googlecode.com/git/docs/index.html Documentation]
  
This is a step by step guide to downloading and using a Blackberry simulator. For this example I downloaded version 4.0.2 in order to simulate the 9230 series.
+
== Publications ==
 +
* [http://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/37237.pdf Distributed forensics and incident response in the enterprise], by [[Michael Cohen]], [[Darren Bilby]], G. Caronni. Digital Investigation, 2011.
 +
* [https://googledrive.com/host/0B9hc84IflFGbN2IwMTUyYTUtMTU0Mi00ZWQ3LWFhNDktM2IyMTg5MmY3OWI0/Hunting%20in%20the%20Enterprise:%20Forensic%20Triage%20and%20Incident%20Response Hunting in the enterprise: Forensic triage and incident response], by [[Andreas Moser], [[Michael Cohen]], Digital Investigation, 2013.
  
1. Select a simulator to download from the drop-down list on the [https://www.blackberry.com/Downloads/entry.do?code=060AD92489947D410D897474079C1477]Blackberry website. Click ''Next''.
+
== Presentations ==
 +
* [https://googledrive.com/host/0B1wsLqFoT7i2N3hveC1lSEpHUnM/Docs/GRR%20Rapid%20Response%20-%20OSFC%202012.pdf OSDFC 2012 GRR Overview], by [[Darren Bilby]]
  
2. Look through the list and download BlackBerry Handheld Simulator v4.0.2.51.
+
== Workshops ==
 
+
* [https://drive.google.com/?usp=chrome_app#folders/0B1wsLqFoT7i2eU1jU0JldW9JUU0 OSDFC workshop 2013], by [[Darren Bilby]]
3. Enter your proper user credentials and click ''Next'' to continue.
+
 
+
4. On the next page, reply accordingly to the eligibility prompt and click ''Next'' to continue.*
+
 
+
5. Agree or disagree to the SDK agreement and click ''Submit'' to continue.*
+
 
+
6. The next page will provide you with a link to download the .ZIP file containing the wanted simulator.
+
 
+
* - If you disagree at any of these point you will not be able to continue to the download.
+

Revision as of 15:20, 12 January 2014

Rekall
Maintainer: Darren Bilby and others
OS: Cross-platform
Genre: Incident Response
License: APL
Website: code.google.com/p/grr/

GRR is an Incident Response Framework focused on Remote Live Forensics.

See also

External Links

Publications

Presentations

Workshops