androidqf helps quickly gather forensic evidence from Android devices in order to identify potential traces of compromise.
The following data can be extracted:
- A list of all packages installed and related distribution files
- (Optional) Copy of all installed APKs or of only those not marked as system apps
- The output of the dumpsys shell command, providing diagnostic information about the device
- The output of the getprop shell command, providing build information and configuration parameters
- All system settings
- The output of the ps shell command, providing a list of all running processes
- (Optional) A backup of SMS and MMS messages
Download here: https://github.com/botherder/androidqf
Disclaimer: This project was created for educational purposes and should not be used in environments without legal authorization.