Muscat 612



Advanced Mobile Hacking & Forensics Brochure

Digital Mobile Forensics is fast becoming a lucrative and constantly evolving field, this is no surprise as the mobile phone industry has been witnessing some unimaginable growth, some experts say it may even replace the Computer for those only wishing to send and receive emails. As this area of digital forensics grow in scope and size due to the prevalence and proliferation of mobile devices and as the use of these devices grows, more evidence and information important to investigations will be found on them. To ignore examining these devices would be negligent and result in incomplete investigations. This growth has now presented new and growing career opportunities for interested practitioners in corporate, enforcement, and military settings. Mobile forensics is certainly here to stay as every mobile device is different and different results will occur based on that device requiring unique expertise. This course was put together focusing on what today’s Mobile Forensics practitioner requires, some of the advanced areas this course will be covering are the intricacies of manual Acquisition (physical vs. logical) & advanced analysis using reverse engineering , understanding how the popular Mobile OSs are hardened to defend against common attacks and exploits.

Wayne Burke - IT Security Expert

Wayne Burke has had considerable hands-on IT Security experience consulting or lecturing, whether it was for Government Agencies, Healthcare Institutions, Financial and international companies.
His experience in the public / defense sectors is equally complemented by assignments undertaken for heavyweight world renowned corporations including Yahoo, Xerox, AT&T and Texas Instruments to name but a few. He is imminently qualified in his field in that he holds a string of professional qualifications in Networking to name a few (MCT, MCSE, Cisco, Network+) and IT Security (CIW-SA, Security+, CEH, ECSA, LPT, CHFI) besides a bachelor’s degree in science.
Wayne is currently the CSO for Sequrit CSI, responsible for the technical realm and security management, which includes consulting teams . He is a captain of a global operating group of penetration testers and security experts. Wayne and his group have delivered security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air force, Army, Navy, Marines, FBI and Statewide Law Enforcement Offices in the USA.
In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.
ASIA: Singapore Gov, Philippines’ Presidential Office, the Undersecretary, and Cyber Crime Police Specialist Unit. Jakarta, Tax Investigations Office. Various Malaysian Gov agencies. Plus Corporate and government bodies from Africa, and numerous Gulf locations to name a few. His office has become his next long haul international flight.
Wayne’s consulting and training undertakings cover specializing in Penetration Testing, Forensics, Security Expert Advisor and secure infrastructure design. His expertise include DMZ firewalls, Secure VPNs, EAP/TLS, PEAP, SSL, PKI, Smart Cards, Biometrics, IPSEC, IDS, Vulnerability Scanners, AV, Honey Pots, Audits, filtering policies, multi-layer encrypted file systems, patch management and deployments. He additionally develops customized and blended security curriculum.
Wayne is constantly engaged in helping businesses optimize their systems security vision He is acknowledged as an expert consultant and trainer serving large organizations with cutting edge IT security. His wide range of all product experience has helped to develop his overall systems security knowledge. Wayne has a passion for tracing malicious hackers in pursuit of which he has had to grapple with issues, which are inextricably entwined in meeting the everyday challenges of information systems security.
Students completing this course will gain in-depth knowledge in the following areas:
  • Appreciating how a Digital or Mobile Forensic Investigator processes cell phones, PDAs, and any other mobile devices that is able to store data and communicate
  • Covering elements of Mobile Device Hacking such as the latest genre of attacks from simple password cracking to sophisticated injection of rootkits / remote spy monitoring
  • Investigating the processes involved in Mobile Forensic Acquisitions, Analysis and Reporting of Mobile Device evidence with detailed coverage on some the more popular devices such as Apple iDevices (iPhone, iPad, iTouch / iPods), BlackBerrys, Windows 7 & Android Based Devices
  • Defending common attacks through Mobile Device Security Hardening, understanding what works best for corporate users
  • Analyzing techniques to forensically preserve, acquire and examine data stored on mobile devices and their associated data
  • Developing a thorough understanding of how mobile devices are hacked
  • Familiarizing custom extraction techniques used on various mobile devices and their platforms to retrieve save several types of personal information such as contacts, photos, calendars and notes
  • Examining the extracted data and utilizing these results for internal investigations or in civil/criminal litigation
  • Applying the forensic industry’s best practices, techniques and tools required for obtaining and utilizing digital evidence on mobile devices
  • Handling common challenges faced in the field of Digital Mobile forensics
1. Mobile Hacking and Digital Forensic Challenges
This module will cover a broad refresher of the fundamental principles and methodologies used for legal forensics investigations
  • History of Digital Forensics
  • Global Legal System - Challenges
  • Technical Aspects of Mobile Forensics (What are the challenges)
  • Trace, Seize and investigate – Cyber Crime Case Scenarios
  • Criminal / Civil Incidents
  • Cyber Fraud
  • Insider / Unknown Threats
  • Recommended reading

Lab 1: Scenario Case Investigation

Lab 2: Evidence Analysis

After completing this module, students will be familiar with:

  • Creating a new case using FTK and import case evidence
  • Standard Evidence storage acquisition of a hard disk
  • Using FTK and Caine Live CD for case evidence analysis and evidence priority
  • Exploring the difference of Physical vs. Logical Evidence Acquisition

2. Mobile Hardware Design for iPhone, BlackBerry, Android and other devices

This module will focus on the hardware design specifications of the popular mobile devices

  • Forensics Methodology
  • Why we need in-depth knowledge of the designs
  • iDevice teardown schematics (Ipad, Iphone and Ipad)
  • Android teardown schematics (HTC and Samsung)
  • Blackberry Bold teardown
  • Standard designs of other mobile devices
  • Mobile Hardware Tool Kits

Lab: Under the hood of an iPhone

After completing this module, students will be familiar with:

  • Diving deep into the hardware aspects of mobile devices
  • Appreciating the different methods, techniques and tools involved

3. Mobile Software design and the common boot process for Smart Devices

This module explains how mobiles boot, and use architectural design components. It also describes how data is stored and accessed for the IOS system

  • Fundamental Open Source Software
  • Why specialize? And Latest News
  • Mobile OSX Architecture
  • Core Definitions
  • UI Framework IOS
  • OSX Boot Overview
  • iPhone DFU – Recovery Modes
  • Android Boot Process
  • IOS Kernel Design
  • Jail-breaking / Rooting, REALLY? why, what and how

Lab: Jail-breaking and Rooting

After completing this module, students will be familiar with:

  • Understanding Apple and Android Architecture
  • Appreciating UI Frameworks and IOS Kernel Design
  • Jail-breaking and rooting IOS and Android

4. Mobile Device Storage and Evidence Acquisition Techniques

This module explains how user data is stored and how to deal with deleted user evidence. It also describes the array of techniques that offer the greatest success for evidence acquisition

  • Analysis Open Source Tool and SDK Software kits for Apple and Android
  • Evidence Acquisition
  • Smart Phone Characteristics
  • Slack Space – Hidden Data
  • MBR – EFI Basic Storage Designs
  • Partitions and device specifics
  • Passcode Protection – Encrypted Backups

Lab 1: Binary Reality

Lab 2: Accessing Evidence

After completing this module, students will be familiar with:

  • Using manual open-source evidence acquisition methods
  • Bypassing passcode protection
  • The importance of HEX editors
  • Primary unix commands and techniques used

5. Advanced Mobile Attack Analysis

This module explains the genre and advanced Mobile Attacks

  • How Mobile Devices get Hacked
  • Debuggers and Decompiles
  • Reverse Engineering
  • IPA and APK Packages
  • iPhone App Store Specifics

Lab 1: Hacking Tools and Analysis

Lab 2: Building our Environment

After completing this module, students will be familiar with:

  • Analyzing Real Threats
  • Using open source tools and techniques

6. Mobile Device Hacking Techniques and Tools

This module explains how to analyze evidence and produce detailed evidence reports. It also describes how technical savvy people can obscure evidence to negate or destroy the evidence

  • Hacking can kill you
  • Threat Predictions 2011 / 2012
  • Mobile Hacking Techniques
  • IOS Platform Weaknesses
  • Android Platform Weaknesses
  • Blackberry Platform Weaknesses

Lab 1: Popular Software for Analysis

After completing this module, students will be familiar with:

  • Understanding Hacking Techniques and Tools.
  • Launching Spear Phishing Attacks.
  • Planting Hidden Payloads

7. Penetration Testing and Exploitation Vectors

This module explains the Penetration Testing training Life Cycle. It also describes the tools and techniques we can use for exploitation Vectors

  • Information Gathering
  • Manual Exploitation
  • Exploit Frameworks
  • Cracking Passwords

Lab 1: Pen Test 101

Lab 2: Pen Test Model - BlueTooth Hacking

Note: This module is designed to be 100% hands-on covering the penetration testing methodology by utilizing BackTrack v5r1

8. Mobile Forensic Hardware and Software Field Kits

This module explains Forensics Hardware Options. It also describes how we can build our portable Forensics field kits

  • DIY Toolkit Options and costs
  • Commercial Comparisons
  • Pros and cons of open source
  • Field Kit Review and best practices

Lab 1: Tag and Bag

Lab 2: Building our Forensic Station and Toolkit

After completing this module, students will be familiar with:

  • Using open source tools and techniques
  • Using commercial packages
  • Critical aspects related to Chain of Custody, documentation
  •  and protection of evidence techniques
  • 9. Forensic Software, Evidence Analysis and Reporting

    This module explains how to wrap-up the case by compiling the report and focuses on presenting the technical results in Laymen terms

    • Disclaimer/ Legal
    • Introduction to software packages
    • Forensics Reports
    • Best Evidence Rule
    • Evidence Report Documentation

    Lab 1: Creating the Report

    After completing this module, students will be familiar with:

    • Categorizing Evidence
    • Evidence Tampering
    • The various software used
How will this course benefit you?
  • Staying updated and abreast of the latest technologies that are being developed and used by the best in the field
  • Protect your organization by retrieving stolen data and incriminating evidence from communications devices used by rogue employees
  • Influence results of civil, private litigation and criminal cases by providing crucial evidence such as the suspects involved, their locations at the time of question and the role they played by extracting this information from mobile devices
  • Refine current mobile forensic processes by addressing its unique problems of preserving crucial data and producing valid results
  • Protecting your organization by conducting proper & regular IT Audit investigations on mobile devices to ensure no misuse of company information
Information security professional
  • Risk Assessment Professionals
  • Digital Forensics Investigators
  • Information Security Professionals
  • Mobile Developers
  • Penetration Testers - CEH Professionals
  • Law Enforcement Officers and Government Agencies
  • Attorneys, Paralegals and First Responders
  • Accountants and Financial Personnel
  • Anyone who deals with implementation, testing, security hardening of mobile devices

  • Students should have an understanding of Fundamental principles and process for digital forensics
  • Knowledge includes evidence acquisitions, examination analysis and final reporting
  • A minimum of 6 months Digital Forensics experience is recommended

Recommended Certifications
Before attending this course, it’s recommended that students have:
  • CHFI certification or equivalent knowledge.
  • A+ certification or equivalent knowledge.
  • Network+ certification or equivalent knowledge.
CAST On-site provides personalised Advanced Security Courses to meet the needs of the individual or company and are planned to ensure maximum flexibility in terms of logistics, dates and cost issues. Our certified expert trainers are experienced educators and highly knowledgeable in their respective fields. CAST On-site prides itself on strict quality control principles at all times to ensure that clients receive the highest standard of training and service.
CAST On-Site training is designed to add great value to your work force by increasing staff efficiency and skills ensuring improved productivity and output that far exceeds the value of the initial training costs.

Key features of CAST On-site:
  • Each of the courses selected from the CAST Advanced Training Suite will be specifically designed to meet the needs of each individual, based according to their current skills and pace of learning to meet your organisation’s unique objectives and goals
  • CAST On-site expert/trainers will be flown down to your premise of choice at a date most suitable to you
  • CAST On-site allows students to receive training in more manageable sessions arranged over a spread of a few days that allowing for greater absorption of knowledge with an opportunity to practice and verify the new skills after each session prior to commencing the next one
  • With CAST On-site Advanced Security courses students will be able to take advantage of directly conversing with the chosen expert in matters unique to the student and your organisation
  • You can be rest assured that all challenges and objectives pertaining to your organisation’s goals can be discussed in an environment that ensures complete confidentiality
  • Each individual client receives the required high level of training that is benchmarked to international best practise and standards
  • Each student receives a CAST Advanced Security Training Courseware that allows them to follow and revise the material that has been taught to them
  • Upon completion of the course, each student will receive a CAST On-Site Advanced Security Training certificate of attendance

Enquire Online About Advanced Security Training Programs

We at CAST would like to hear from you

if you have questions, comments or feedback for us, please send us a message using the from below or email us at
For more information and news updates, connect with us via Social Media or our Mailing List.
We look forward to hearing from you!

CAST General Enquiry Form