Add files via upload

edoardottt · web-flow · commit 6820a1398b95 · 2021-02-11T21:18:10.000+01:00
diff --git a/iOS-Forensics/README.md b/iOS-Forensics/README.md
@@ -0,0 +1,82 @@
+# iOS Forensics
+
+- Let's get it rolling!
+
+	  no answer needed
+
+- What would look more suspicious? an empty hard drive or a full hard drive?
+
+	- `an empty hard drive`
+
+- What is the definition for an abstract view of a hard drive?
+
+	- `image`
+
+- Read me!
+
+	  no answer needed
+
+- Read the above!
+
+	  no answer needed
+
+- Read the above!
+
+	  no answer needed
+
+- What is the name of a forensics tool that couldn't be used in a court of law, because data could be written to the device being analysed?
+
+	- `iFunBox`
+
+- You've found an iPhone with no passcode lock, what acquisition method would you use?    
+
+	- `direct acquisition`
+
+- What is the name of the certificate that gets stored on a computer when it becomes trusted?
+
+	- `trust certificate`
+
+- Read me!
+
+	  no answer needed
+
+- Start browsing!
+
+	  no answer needed
+
+- Who was the recepient of the SMS message sent on 23rd of August 2020?
+
+	- `Lewis Randall`
+
+- What did the SMS message say?
+
+	- `Did you get the goods?`
+
+- Looking at the address book, what is the first name of the other person in the contacts?
+
+	- `Jenny`
+
+- Following on from Question #3, what is their listed "Organization"
+
+	- `Transportation`
+
+- Investigate their browsing history, what is the address of the website that they have bookmarked?    
+
+	- `http://blog.cmnatic.co.uk`
+
+- The suspected received an email, what is the `remote_id` of the sender?    
+
+	- `51.32.56.12`
+
+- What is the name of the company on one of the images stored on the suspects phone?
+
+	- `TryHackMe`
+
+- What is the value of the cookie that was left behind?
+
+	- `THM{COOKIES!!!}`
+
+- Data acquired!
+
+	  no answer needed
+
