In this article, we explore Android Logical Forensics AFLogical, a method for extracting data from Android devices using the AFLogical OSE tool. By leveraging this approach, forensic analysts can retrieve valuable information such as call logs, SMS messages, and contacts, aiding in digital investigations.

Installing and Launching AF Logical OSE on Santoku Linux

First need to install SANTOKU tool kit. How to install it read this article given below

http://www.hackingarticles.in/santoku-linux-overview-of-mobile-forensics-operating-system/

Note : You need an Android mobile device with USB debugging on

Now, click bottom left of your conputer screeen select SANTOKU then Device Forensics and click on AF Logical OSE.

Note : make sure your android device is connected to computer via USB.

 Enable USB debugging on your device. For Android 3.x and below, go to Settings –> Applications –> Development, then check ‘USB debugging’.

Then, you will get a Terminal, In terminal type : aflogical-ose  It will show you the success message on the terminal.

Extracting and Saving Mobile Data

ON your mobile screen you will see couple of options like Call log, MMS etc, select the option which you want to extract and then click on Capture. (I have selected all the options as you can see below ).

Now on your mobile screen you will see the Extracting Data as shown in Image.

Finally, In terminal press Enter and now it will save the data and make a new folder in SD card by the name of Forensics .

Here is it will look like(I have selected the forensics folder see below)

Click on Forensics folder here you will see the data you have selected.

To learn more about Cyber Forensics. Follow this Link

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging with high level of expertise in handling server side operations based on windows platform. An experienced IT Corporate Trainer and Computer Forensics Expert with over 20 years’ Experience.

You can contact him at mukul@hackingarticles.in