rick-slin
commented
1 year ago I'd like to work on this issue. I was thinking of making two PRs, one per file.
Open rgayon opened 3 years ago
rick-slin
commented
1 year ago I'd like to work on this issue. I was thinking of making two PRs, one per file.
Context: https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/#_ftn1
iOS maintains records of process executions and their respective network usage in two SQLite database files called “DataUsage.sqlite” and “netusage.sqlite” which are stored on the device.record of Apple IDs seen by each installed application in a plist file located at /private/var/mobile/Library/Preferences/com.apple.identityservices.idstatuscache.plistWe already have parsers for these file formats so I suppose what we need is some test data to figure out the schema