XRY Intermediate

Course description

The XRY Intermediate course is the next course in the natural progression for the mobile forensic examiner building on knowledge gained from XRY Certification. This course expands the student’s exposure to the various tools offered by MSAB such as XRY Cloud and XRY Photon.

Students learn how to carry out more complex data recovery techniques on a wide range of mobile devices while also receiving an introduction to deeper and more comprehensive data analysis following extraction.

This course is suited for those who have been using XRY and XAMN for their investigations and are looking to step into the next level of mobile device forensics.

Course objectives

Day one

  • Introduction
  • Importing Backups (GrayKey, iTunes, Android, and JTAG/Chipoff)
  • Import iTunes Backup Exercise
  • XAMN Start Tab Layout and Options
  • Smartphone Alternative Methods – iDevice Security Code Bypass via Lockdown Exercise – Android Bootloader Exercise – Demonstration – Emergency Download Mode (EDL) and Raspberry Pi Zero W
  • Log File Analysis & Exercise
  • XAMN Spotlight Tab

Day two

  • Review of Day 1
  • XAMN Source Mode & Elements – Introduction to Binary and Hex Exercise – Binary Stream to Hex Exercise – ASCII from Binary Stream Exercise – XAMN Source Mode Exercise – XAMN Elements Exercise
  • Memory Cards
  • Micro SD Card Extraction Exercise
  • XAMN Spotlight Filters – Hashing your name with Hashcalc Exercise – Hashing/Re-Decoding Exercise – Hash Filter Exercise – Overview of XAMN Spotlight Filters – Pivot on Meta/EXIF Data
  • Smart Phone Profiles – XRY Photon Extraction Exercise – Logical Extraction of Unsupported Handsets Exercise
  • Chipsets – Chipset Identification – PinPoint Exercisew

Day three

  • Review of Day 2
  • XRY Cloud – XRY Cloud iCloud Extraction Exercise
  • PList, XML, and SQLite Databases – Sample Plist Analysis Exercise – Further Plist Analysis Exercise – Sample XML Analysis Exercise – Further Plist Analysis Exercise – Sample XML Analysis Exercise – SQLite Databases in XRY Exercise – Working with Databases Exercise
  • Investigation Smart Phone Applications – Investigating the Kik Application with XAMN Exercise – Exporting Entire iPhone Apps with XAMN Exercise – Investigating an Application Folder Exercise
  • Drone Data – Drone Data Exercise
  • Reporting – XAMN PDF Report Exercise – Message Report Exercise – XAMN Save Subset Exercise
  • Closure and Assessment
Book course

Available training types

  • Classroom
  • Online

Pre-requisite

  • XRY Certification

Course length

  • 3 days

Available languages

  • English
  • French
  • German

Available locations

  • Canada - Live Online - EASTERN TIME ZONE
  • Canada - Vancouver
  • France - Paris - Paris
  • Germany - Düsseldorf
  • Germany - Hamburg
  • India - New Delhi
  • Singapore - Singapore
  • Sweden - Stockholm
  • USA - Arlington - Virginia
  • USA - Live Online - EASTERN TIME ZONE
  • USA - Orlando - FL
  • United Kingdom - Live Online
  • United Kingdom - Reading

Download material

Schedule

Dates Language City Country

I am ready to book XRY Intermediate

Contact us

If you are a potential customer interested in learning more about our training, mobile forensic solutions or services, please use this form for your inquiry.