Hide It Pro App Forensics - Android Welcome to my first blog post. Following #DFIR on Twitter has convinced me it's about time I started sharing some information with the community. Luckily, I ran across some good info during a recent investigation. Using the data below, I hope it helps save someone else a lot of time if you run across this app during your own investigations. I came across some questionable images on an Android phone. The problem was, they were located in a folder that I wasn't familiar with. ProgramData\Android\Language\.fr\Pictures Like many forensicators, not knowing is maddening. Using the all powerful Google, I found a clue to as to their app origins. Thanks to Shubham Chaudhary and his post , I found out the odd folder was created by the Google Play app Hide It Pro. It is very important to understand how an app works and is viewed by a user before digging into the bits behind the curtain. If you don't understand how an ap