Skip to content

Index of contents

Publication strategy

In the first half of 2025 we will focus on contains that allow readers to attain a baseline understanding of consensual digital forensics, as well as tutorials and guides to support evidence collection. In the second half of 2025, we will focus on contents related to the analysis phase, as well as resources to support peer collaboration.

Contents will be developed in Spanish first, and we will pursue and support translation to English. In advance we appreciate any and all efforts to revise, improve and translate contents into different languages. For more information, you can get in touch with us at seguridad@socialtic.org.

Index of published contents

Explainers

Explainers deepen and broaden the reader’s understanding of a subject. It brings clarity, light and context. Explainers intention is to be theoric learning resources, to improve the understanding of a given subject. They focus on a defined scope of a larger topic, and usually help understand the “why”.

Tutorials

Tutorials are all about learning through guided practical exercises. In other words, it's learning by doing. Tutorials allow the reader to acquire skills and knowledge, and are focused on learning and not on completing a specific task.

How-to guides

How-to’s are all about executing a task and achieving a goal through step-by-step instructions. It assumes that the reader already has the baseline skills and knowledge necessary to complete the task, and hence, focuses on the steps necessary to achieve the desired outcome in a correct way and aligned to best practices.

References

Reference material describes the machinery. One hardly reads reference material; one consults it. There should be no doubt or ambiguity in reference; it should be wholly authoritative. Reference contains technical knowledge that can be helpful when executing a task.

Additional contents to be developed

Over the coming months, we expect to publish contents in the following topics. We are indicating the approximate time of the year contents will be released, but please keep in mind that the exact timeline might shift due to internal and external priorities. If you are interested in any specific content to be released sooner than we are planning to, don’t hesitate to reach out and let us know at seguridad@socialtic.org.

  • How to identify suspicious apps through the graphic interface of an Android device? (ETA first half of 2025)
  • Key concepts for triage and acquisition (ETA first half of 2025)
  • How to set up a forensic lab for mobile device analysis? (ETA first half of 2025)
  • Acquisition and extraction of a bugreport (ETA first half of 2025)
  • Acquisition and extraction using AndroidQF (ETA first half of 2025)
  • Acquisition and extraction using ADB (ETA first half of 2025)
  • Triage of an Android device using AndroidQF and MVT (ETA first half of 2025)
  • Dictionary of files generated by androidqf (ETA first half of 2025)
  • Dictionary of files generated by mvt-bugreport (ETA first half of 2025)
  • Dictionary of files generated by mvt-androidqf (ETA first half of 2025)
  • Dictionary of files generated by mvt-adb (ETA first half of 2025)
  • Managing evidence and data during a forensic investigation (ETA second half of 2025)
  • Vectors and type of mobile malware attacks observed in civil society (ETA second half of 2025)
  • Analysis for a bugreport using MVT (ETA second half of 2025)
  • Analysis of an AndroidQF extraction using MVT (ETA second half of 2025)
  • Analysis of a physical device using MVT (ETA second half of 2025)
  • Common Android artifacts (ETA second half of 2025)
  • How to collaborate with other threat labs: peer-to-peer collaboration? (ETA second half of 2025)
  • Analysis for malicious apps on Android (ETA second half of 2025)
  • Manual analysis of logas (ETA second half of 2025)
  • Vulnerability analysis on Android Análisis de vulnerabilidades en Android (estimado segunda mitad 2025)