M.E.A.T. - Mobile Evidence Acquisition Toolkit
Toolkit for performing acquisitions on iOS devices with logical and filesystem acquisition support.
M.E.A.T. - Mobile Evidence Acquisition Toolkit
Toolkit for performing acquisitions on iOS devices with logical and filesystem acquisition support.
M.E.A.T. - Mobile Evidence Acquisition Toolkit Description
Meet M.E.A.T! From Jack Farley - BlackStone Discovery. This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices (and Android in the future). Requirements to run from source: Windows or Linux, Python 3.7.4 or 3.7.2, Pip packages seen in requirements.txt. Types of Acquisitions Supported: iOS Devices Logical - Using the logical acquisition flag on MEAT will instruct the tool to extract files and folders accessible through AFC on jailed devices. The specific folder that allows access is: \private\var\mobile\Media, which includes folders such as: AirFair, Books, DCIM, Downloads, general_storage, iTunes_Control, MediaAnalysis, PhotoData, Photos, PublicStaging, Purchases, Recordings. Filesystem iOS Device Prerequisites: Jailbroken iOS Device, AFC2 Installed via Cydia. Using the filesystem acquisition flag on MEAT will instruct the tool to start the AFC2 service and copy all files and folders back to the host machine. This method requires the device to be jailbroken with the following package installed: Apple File Conduit 2. This method can also be changed by the user using the -filesystemPath flag to instruct MEAT to only extract specific folders.
M.E.A.T. - Mobile Evidence Acquisition Toolkit FAQ
Common questions about M.E.A.T. - Mobile Evidence Acquisition Toolkit including features, pricing, alternatives, and user reviews.
M.E.A.T. - Mobile Evidence Acquisition Toolkit is Toolkit for performing acquisitions on iOS devices with logical and filesystem acquisition support.. It is a Security Operations solution designed to help security teams with IOS.
