Getting Started with Andriller

-

Andriller 

Andriller is a software utility containing a collection of smartphone forensic tools. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has features such as powerful Lockscreen cracking for Patterns, Pin codes, or Passwords, custom decoders for app data from Android (some Apply iOS and Windows) databases for decoding communications, and extraction and decoders that produce reports in HTML and Excel formats.

Features of Andrillers:-

1. Data Extraction- Andriller extracts vital data from Android devices, including SMS messages, contacts, call logs, and more.

2. Application Data Parsing- Andriller can parse data from apps like WhatsApp, Chrome, and Telegram.

3. Decryption and Password Cracking- It can decode pattern locks, pins, and passwords from certain Android devices.

4. Report Generation- Andriller provides detailed reports of the extracted data in a user-friendly format.

5. Supports Rooted and Non-rooted Devices- While rooted devices allow for more extensive extraction, Andriller can still extract significant data from non-rooted devices.

STEP 1: DOWNLOAD AND INSTALL ANDRILLER

a. Visit the official Andriller website and download on your suitable system (Windows, Linux, macOS)

b. Here I have downloaded it in my Linux system by the following command:

sudo apt-get install android-tools-adb python3-tk


c. Create a virtual environment using Python3:
First install python latest version
sudo apt install python3.11-venv




python3 -m venv env


Activate the virtual environment (Linux/Mac):

source env/bin/activate


Install Andriller with its Python dependencies (same command to updrade it):

pip install andriller -U


Quick start by using command:
python -m andriller


STEP 2: PREPARE THE ANDROID DEVICE
a. Enable developers' option in your android device (Settings > About Phone > tap on Build Number seven times to enable Developer Options)
b. In the developer's option Enable USB Debugging
c. If a possible, root the device as Andriller can extract more information in rooted device but also can perform if the device is not rooted
d. Next using a USB cable connect your android device to your computer where Andriller is installed 
e. Ensure that the device is in File transfer (MTP) mode for proper data access
f. Then allow USB debugging by clicking on "OKAY"
g. Next start your andriller application, it will automatically detect the android device and if not ensure that the USB debugging option is on and the drivers for your device are correctly installed 
h. It will show you a pop up as below




STEP 3: CHOOSE EXTRACTION OPTIONS
You have different extraction modes to choose from like: -
a. Full Data Extraction- extract all accessible data from the device
b. App-specific Extraction- extract data from specific apps like WhatsApp, Telegram etc
c. Selective Extraction- extract specific data types (eg. call logs, SMS, contacts)
d. Choose the Appropriate Option- Depending on your investigation, choose the extraction mode that suits your needs 
-Once you have made your choice click on 'Start Extraction'
-Wait for the process to complete
-After the process is completed, Andriller will notify you and generate the extracted data
-Andriller generates the extracted data in a readable format so these reports can be easily navigated
-The data will be organized by type for easier analysis
-If app-specific data was extracted, you can explore the conversations, media, and other things



STEP 4: DECRYPT PASSWORDS (OPTIONAL)
a. Andriller could decode and decrypt pattern locks and PINS for certain Android devices
b. If the device is locked and Andriller supports the model, start the decryption process to attempt to retrieve the unlock code 
c. Once decoded, the pattern or PIN will be displayed for you to unlock the device




STEP 5: GENERATE REPORTS 
a. Generate Forensic Reports- Andriller automatically generates reports in formats such as HTML, CSV, or JSON. These reports are essential for documenting your forensic investigation
b. You can review the reports directly within Andriller and export them for use in court cases, internal reports, or further analysis in other forensic tools like Autopsy


By following the steps outlined in this guide, you can effectively use Andriller to extract data from Android devices connected via USB, generate reports, and further analyze the results using other forensic tools like Autopsy.

















Comments

Post a Comment

Popular posts from this blog

Some Dark web Links

-
Image
Here are some of the Forum/Website to visit on dark web related to cybersecurity and hacking. Before visiting this website please follow the steps to be safe on the dark web/ Deepweb. Security Steps to be taken before opening the links: First of All, To browse these dark web forums, first close all active programs and applications in your computer then start Your NordVPN or any Paid and HQ VPN that have TOR service and select Onion Over VPN Server.  Now start Tor Browser and disable Javascript. In this way, you have created a completely secure and untraceable environment for you. If you think Tor Browser gives you full anonymity then you are wrong.  Only premium VPN services can provide you fully secure and untraceable environment. I have tried my hands on many premium VPN services, and I found NordVPN beats its competitor in all features. Disclaimer ⚠ : This info are shared for educational purpose only, neither the website nor creator hold any info or liabl...
Read more

How to join Cyber Cell or Cyber Crime Department in India || Exam or Direct or Skills???

-
Image
 How to join Cyber Cell or Cyber Crime Department in India || Exam or Direct or Skills??? Hello Guys, today's topic is How to join Cyber Cell in India. All of us has dreamed of joining the cybercrime department and working as an officer for the nation. Some of us have tried to search it on the internet asked our colleagues and friends relatives but somewhere we are not able to find the correct and satisfying answer o our question. Don't worry today Career Technology is going help you out to find all your questions answered in a single post. Welcome Everyone :)  Let's get started  HOW TO JOIN CYBER CELL THROUGH EXAM?? In the cyber cell department, there is no specific exam to join the cyber cell. Now What if there is no exam for cyber cell??? You can join cyber cell by applying for the exam of CBI or IB and then after getting selected for this you can apply for the cyber cell. HOW TO JOIN CBI OR IB?? Firstly you need to apply for this post to join cyber cell and to join C...
Read more

ATM HACKING TOOL TRENDING ON DARK WEB

-
Image
ATM HACKING TOOL TRENDING ON DARK WEB Latest hacking tools and devices have a great sale on the dark web, an ATM can be hacked within 15 to 20 minutes by any amateur person too. The one should know basics of it before buying such things, cybersecurity startup knowledge. The person who discovers this is CloudSEK Rakesh Krishnan says "The seller on the dark web has latyest ready-made tools such has malware cards, USB ATM Malware and many more such tools to dispense money from the ATM". HE also said that "Earlier, though these were slightly complicated, now with these devices, anybody can control these machines,” . WHAT HE DISCOVERED? HE talked to the seller as a buyer to many online shops and One of the shops offered him  ATM Malware Card, PIN Descriptor, Trigger Card and an instruction guide which tells how to suspend the cash from the machine. Once installed, it captures all card details stealthily. The amount can be withdrawn using Trigger Card, that d...
Read more