Forensics: Explain in detail what SQLite databases are and tools that you can use to view their contents. | BOT24

Forensics: Explain in detail what SQLite databases are and tools that you can use to view their contents.

If you can please take a moment to look at some of the ads embedded in these blog entries. It would be greatly appreciated and again thank you for taking the time to read the information contained in these entries, as I hope you find it to be helpful.....

 SQLite are open source database engines that are designed to be embedded in applications and hardware, its server-less riding or reading directly to the disk drive, it has a very small footprint, the entire database fits in is a single source file, they are cross platform database files which you can copy from a big endian machine to a little machine and it works fine, they are self contained with no external dependencies, it binds to most popular programming languages, limited restrictions on constructing databases, has user defined SQL functions and has user defined collating sequences which is ideal for mobile devices.
Some tools to view contents of SQLite
1. Lita is a free and open source SQLite database administration tool for Windows, MacOSX and Linux. Lita is an administration interface for SQLite databases. It lets you edit your databases structure and data in a dedicated environment. Open, create, compact, manage SQLite databases
Specific functions:
Create, rename, delete, and empty tables
Create, rename and delete columns
Create, modify and delete records
Encrypt or reencrypt your databases
Run, import and export your custom SQL statements
Create and delete indices
2. RazorSQL is a database query tool, SQL editor, database browser, and database administration tool for Windows, Mac OS X, Linux, and Solaris
Features  below are the SQLite tools and features offered by RazorSQL.
SQLite GUI Tools
Includes tools for creating SQLite tables, views, indexes, and triggers and tools for altering and dropping tables and views. Also includes tools for visually editing SQLite triggers.
SQLite Database Browser
Browse SQLite database objects such as schemas, tables, columns, primary and foreign keys, views, indexes, and triggers.
 SQLite SQL Editor
Edit SQL scripts. Run SQL queries. Auto column and auto table lookup. Multi-tabular query display. Supports over 20 programming languages including SQL, PL/SQL, T-SQL, PHP, HTML, XML, Java, and more.
 SQLite Import Tool
Import data from various formats such as delimited files, Excel spreadsheets, and fixed width files.
 SQLite Export Tool
Export data in various formats such as delimited files, Excel spreadsheets, text, HTML, XML, and SQL insert statements.
 SQLite Table Editor
Edit tables in a spreadsheet format with support for finding and replacing data, automatic generation of SQL, and support for editing multi-line data.
 SQLite SQL Query Builder
Easily build select, insert, delete, and update SQL queries. Build multi-table joins.
 SQLite Database Conversion Tools
Convert database tables from SQLite to other database types and from other database types to SQLite.
Features
epilog - a software tool which allows investigators to recover deleted data from the widely-used database format, SQLite.  Without epilog,you could be missing out on potentially valuable evidence.
epilog presents deleted data contained in SQLite databases
epilog uses three different algorithms in order to recover and rebuild deleted records
epilog analyses SQLite data recovered records and matches them to a table in the live database files
epilog works on live and deleted database files, the temporary “journal files” which are generated during a database operation and across a disc image or hex dump
epilog enables the user to save a single field to file, or batch export multiple “blob” (binary files) fields from the recovered records for further analysis
epilog allows the user to generate “insert statements” from recovered records in order to facilitate the restoration of deleted records into a live database
Once purchased, new signatures, updates and bug fixes are provided for the current version of epilog
SQLite Forensic Reporter v1.7
Universal SQLite database examination tool is available, version 1.7 includes  features to analyze, extract and report on information from any SQLite database (not corrupted or encrypted).
Useful for Computer & Phone Forensic Analysts and Data Recovery Technicians. Searches, indentifies and decodes all SQLite database files in a case. Identify SQLite databases containing evidence you never knew existed.
Oxygen Forensic SQLite Viewer
SQLite Viewer allows to explore the database files with the following extensions: .sqlite, .sqlite3, .sqlitedb, .db3. These files can be found in Apple, Android devices, Symbian Series 60 smartphones. These files contain the information about SMS, notes, calls, applications cache, voice mail information.
.
Share on Google Plus

About Bradley Susser

    Blogger Comment
    Facebook Comment

2 comments :

  1. Take a look on a free tool -- Valentina Studio. Amazing product! IMO this is the best manager for SQLite for all platforms. http://www.valentina-db.com/en/valentina-studio-overview

    ReplyDelete
  2. thanks hayatu. I will definitely take a look at it

    ReplyDelete