Android Data Extractor Lite – ADEL

P { margin-bottom: 0.08in; }


This Python script dumps all important SQLite Databases from a
connected Android smartphone to the local disk and analyzes these
files in a forensically accurate workflow. If no smartphone is
connected you can specify a local directory which contains the
databases you want to analyze. Afterwards this script creates a
clearly structured XML report. 

If you connect a smartphone you need a rooted and insecure kernel
or a custom recovery installed on the smartphone. 

Forensic principles: ADEL is intended to treat data in a
forensically correct way. This goal is reached by the fact that
activities are not conducted directly on the phone but on a copy of
the databases. This procedure assures that data does not become
changed, neither by the users of ADEL nor by an uncompromised
operating system. In order to proof the forensic correctness of ADEL,
hash values are calculated prior and after each analysis, to
guarantee that dumped data did not become changed during analysis. 

Extendibility: ADEL has been modularly built and contains
two separate modules: the analysis and the report module. Predefined
interfaces exist between these modules and both of them can be easily
amended by additional functions. The modular structure allows for
dumping and analyzing further databases of smartphones without great
effort and facilitates updates of the system in the future. 

Usability: The use of ADEL is intended to be as simple as
possible to allow its use by both qualified persons and non-experts.
At best, the analysis of the mobile phone is conducted in an
autonomous way so that the user does not receive any notice of
internal processes. Moreover, the report module creates a detailed
report in a readable form, including all of the decoded data. During
the execution, ADEL optionally writes an extensive log file where all
of the important steps that were executed are traced.

ADEL needs a predefined configuration for each device to work
proper. This configuration has to be added in the following file:


As an example we added the configuration for the Samsung Galaxy S2
running Android 2.3.3, more phone configurations will follow.

Example for the use of ADEL with a connected smartphone:

adel.py -d device -l 4 

Example for the use of ADEL with database backups:

adel.py -d /home/user/backup -l 4 

P { margin-bottom: 0.08in; }

In the current development state, the following databases are
forensically treated and parsed:

  • telephone and SIM-card information (e. g. IMSI and serial

  • telephone book and call lists,

  • calendar entries,

  • SMS messages,

  • GPS locations from different sources on the smartphone.

ADEL now makes use of a custom recovery image based on the
Clockworkmod-Recovery. Due to this change you do not need to modify
the kernel or the adb daemon anymore. Furthermore, on some newer
smartphones you can load the modified recovery to RAM via fastboot,
so you don’t need to do any persistent changes to the smartphone.

Download and more information

Image Credit

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Why Is Mobile App Hacking Growing In Popularity?

A cybersecurity blog post released by Varonis in March 2021 revealed the shocking truth:  Because of the Covid-19 pandemic, a huge increase in breached...

Protecting Your ID Online in 2021

With recent large hacks and increasing sophisticated schemes, we should also be protecting ourselves with even more sophisticated defensive strategies to protect our identities...

Taking a Look at the Privacy Features of Monero

Many large cryptocurrencies available today market themselves as bastions of business transparency by making their transaction data pseudonymously available on immutable, public databases. Because...

Best Tips on Cybersecurity for Students

Students, teachers, and educational institutions can all be targeted by hackers. In fact, 87% of schools have experienced one or more successful cyberattacks. There is...