Best Practices: Organization

Preface: In the forensics process, organization is vital to ensuring the fidelity of all evidence gathered. This section will outline a few best practice organizational tips for analyzing an Android application.

  1. Create a folder in an easily accessible location and name it relevant to the case you are working on. The application for this example is called Tap Snake, so the folder name (created on the desktop) for relative case information is called “Tap Snake Case”
  2. Inside the folder, create additional folders for various sections of the case. For example: screenshots, notes, package, and folders for both static and dynamic analysis
