ios-triage ~ incident response tool for iOS devices.

ios-triage is a Node.js CLI for iOS incident response. It extracts, processes and reports (including diffs) on iOS device and app telemetry.
When you run ios-triage, there are three primary steps:
+ extract
ios-triage automatically creates a directory with the device UDID and then a timestamp (epoch in ms) for each extraction. This allows you to collect telemetry over time and perform diffs. A good example would be an individual who is travelling overseas and might be targeted. You could image the device before and after the trip, then compare the available device telemetry.

+ process
To process the device extraction, point ios-triage at the top-level extraction directory; the directory structure is /. An example would be:

+ report
To produce an analyst report, you simply direct ios-triage at the top-level extraction directory:

Dependencies:
+ Node.js v7.x
+ Linux and Mac OS X operating systems.

Usage:

Source: https://github.com/ahoog42