Fama : Forensic Analysis For Mobile Apps

Fama is a tool for android extraction and analysis framework with an integrated Autopsy Module. Dump easily user data from a device and generate powerful reports for Autopsy or external applications.

Functionalities

Extract user application data from an Android device with ADB (root and ADB required).
Dump user data from an android image or mounted path.
Easily build modules for a specific Android application.
Generate clean and readable JSON reports.
Complete integrated Autopsy compatibility (datasource processor module, ingest module, report module, geolocation, communication and timeline support).
Export HTML report based on the current case.

Report Screenshots

Prerequisites

Python (2.7+)
Autopsy (optional)

How to use?

The script can be used directly in terminal or as Autopsy module.

Running From Terminal

usage: start.py [-h] [-d DUMP [DUMP ...]] [-p PATH] [-o OUTPUT] [-a] app

Forensics Artefacts Analyzer

positional arguments:
  app                                            Application or package to be analyzed <tiktok> or <com.zhiliaoapp.musically>

optional arguments:
  -h, --help                                     show this help message and exit
  -d DUMP [DUMP ...], --dump DUMP [DUMP ...]     Analyze specific(s) dump(s) <20200307_215555 ...>
  -p PATH, --path PATH                           Dump app data in path (mount or folder structure)
  -o OUTPUT, --output OUTPUT                     Report output path folder
  -a, --adb                                      Dump app data directly from device with ADB
  -H, --html                                     Generate HTML report

Running From Autopsy

Download repository contents (zip).
Open Autopsy -> Tools -> Python Plugins
Unzip previously downloaded zip in python_modules folder.
Restart Autopsy, create a case and select the module.
Select your module options in the Ingest Module window selector.
Click “Generate Report” to generate an HTML report of the case.

Build An Application Module

Do you need a forensics module for a specific Android application? Follow the instructions here and build a module by yourself.

Related

Andriller : Software Utility With A Collection Of Forensic Tools For Smartphones

January 15, 2020

In "Kali Linux"

Scrounger – Mobile Application Testing Toolkit

September 10, 2018

In "Kali Linux"

ANDROPHSY – Comprehensive Forensic Tool For Android Smartphones

July 2, 2024

In "Forensics"

R K

Next ScriptHunter : Tool To Find JavaScript Files On Websites »

Previous « Leonidas : Automated Attack Simulation In The Cloud, Complete With Detection Use Cases

Share

Published by

R K

Tags: FamaForensicForensic AnalysisMobile Apps

5 years ago

Recent Posts

Database Assessment

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

17 hours ago

Vulnerability Analysis

Microsoft Authenticator Flaw Could Leak Login Codes

A newly disclosed vulnerability in Microsoft Authenticator could expose one time sign in codes or…

1 day ago

software

Modrinth – A Comprehensive Overview of Tools and Functions

Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…

2 days ago

News

BlackSanta Malware A Stealthy Threat Targeting Recruiters and HR Teams

A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…

2 days ago

TECH

Perplexity Launches Personal Computer Features

Perplexity has unveiled an exciting new feature, Personal Computer, which allows AI agents to seamlessly…

2 days ago

Cyber security

Cyberattack or Smoke and Mirrors? The Truth Behind the Alleged Dimona Nuclear Breach

In a recent cyber incident, a group named CARDINAL, associated with the label Russian Legion,…

3 days ago

L