The term Android image refers to the physical image (also called a forensic image or raw image) that is obtained by performing any of the physical data extraction techniques. Using the techniques explained in Chapter 9, Android Data Extraction Techniques, you can image the entire /data/data block or any particular block that is of relevance to the investigation. Once the image is obtained, an investigator like you can manually go through the contents of the file or take advantage of the available tools to parse through the contents. Commercial tools, such as Cellebrite and XRY, can drill into the data and present a comprehensive picture of the contents. Autopsy is one of the very widely used open source tools in the forensics world that performs an excellent job of analyzing an Android image.