Mobile Device Forensics (MDF)

May 16 – 17, 2018

Please call for additional course dates. Customized courses can run by request.

A Proficiency-Based Course Teaching You The Ins and Outs Of Mobile Devices and How They Relate to Hacking and Forensics.


  • Dive deeper into the foundations and inner workings of a mobile device.
  • Discover how to apply a forensics-based outlook to every facet of the Android and iOS  operating systems.


Mobile Device Forensics teaches you about the inner-workings of the Android and iOS operating systems and thoroughly explains how to safely and effectively perform forensic investigations as you navigate the mobile landscape.




This course begins with the basic concepts of mobility. Topics covered include cell phone channels, codes and protocols, including Long Term Evolution (LTE), Frequency Division Multiple Access (FDMA), Time Division Multiple Access (TDMA), Code Division Multiple Access (CDMA), and Global System for Mobile Communications (GSM). The course also covers cellular network technologies, Mobile Components and the components that assist with mobile device identification.


The next section will cover the Android operating system. We’ll start with a short introduction, and then dive into the key features of Android including its interface, applications, memory management, virtual reality and versioning. Next we’ll cover file system and memory partitions, and the background of SQLite files. Then the course will briefly cover Android apps before presenting a lengthier segment regarding Android security that discusses device security, the Android Bootloader and how to circumvent default system security restrictions. We’ll end this section by focusing on how to defend against malware, recover forensic data and exploring hacking concepts applicable to the Android operating system.


We’ll end our mobility discussion by exploring the iOS platform. After a quick overview, we’ll get you caught up on the iOS framework, software updates, the boot sequence and file system basics. This discussion includes an in-depth explanation of the iOS file system, where the operating systems files reside and the location of application files. Afterwards, we’ll get into the OS X file system where you’ll learn the placement of files, OS X standard directories, sandboxed applications and general file “sneakiness”. We’ll talk about iCloud and how the iOS system identifies the type of content in a file. We’ll review data synchronization, files, concurrency and thread safety. We end this section by reviewing jailbreaking, security and hacking concepts.



Please call for course pricing. 

Additional group and government discounts available, just email us.


What will you get out of this course?

In this course, you will gain a a better understanding of mobile forensics,  compare Android and iOS operating systems, apply forensic processes to mobile devices and interpret mobile hacking concepts.

What makes this course unique?

You’ll perform your exercises and scenarios in a sandboxed network, allowing you to practice and learn at your own pace without affecting other students.