In this episode, Scott Lorenz, Chief Forensic Analyst at Centex Technologies, will talk about EDL data collection and answer questions from the audience regarding advanced collection techniques.

Scott wrote two papers that answer many of the common questions people have asked him.

  1. Mastering EDL Mode: This document explains the various methods, techniques, and tips for placing devices in EDL Mode and collecting data from them using Cellebrite UFED.
  2. Mastering EDL Test Points: This paper focuses on finding test points on every possible phone Scott could get his hands on. (There were a lot of phones on the market that were believed not to have had test points, but it turns out that they all do and this paper includes that information.)

You can access and download the papers in PDF format from the Mobile Device Forensics and Analysis forum. When you become a member of this group, you’ll see on the opening page that there is an EDL folder that you can click to access both of these documents.

You can even download a combined document ,so that it is easier to perform a comprehensive keyword search whether it be a particular model of phone or a technique.

As members tend to simply look at notifications in their e-mail from this forum, it’s easy to overlook these links on the web page. However, they’re right at the top. Additionally, the Resource Folder link has tons of diagrams on ISP and other relevant information. Andrew Rathbun edited both of these documents, so special thanks to him. The documents are well bookmarked so you can navigate the content more easily.

There is also a table of contents for both papers that is very detailed, so you can quickly find what you’re looking for. If you click on the title, it will take you right to the relevant location in the document. 

You can also type, “ctrl+F” and perform a word search for anything you are looking for in the paper.

Share this post