
It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence.
Warning: this tool has been released as a forensic tool for a technical audience. Using it requires some technical skills such as understanding the basics of forensic analysis and using command-line tools.
Installation
First, you need to install dependencies, on Linux sudo apt install python3 python3-pip libusb-1.0-0 or on MacOS brew install python3 libusb.
Then you can install mvt from pypi with pip3 install mvt, or directly from sources:
git clone https://github.com/mvt-project/mvt.git
cd mvt
pip3 install.
Usage
MVT provides two commands mvt-ios and mvt-android with the following subcommands available:
- mvt-ios:
check-fs: Extract artifacts from a full filesystem dump
check-iocs: Compare stored JSON results to provided indicators
decrypt-backup: Decrypt an encrypted iTunes backup
- mvt-android:
check-backup: Check an Android Backup
download-apks: Download all or non-safelisted installed APKs
Check out the documentation to see how to use them.