Delete docs directory

2026-02-12 17:22:48 +00:00 · 2025-12-20 14:53:32 -05:00
parent 4cc37e4d6b
commit b8c36b7438
1 changed files with 0 additions and 25 deletions
--- a/docs/analysis-methods.md
+++ b/docs/analysis-methods.md
@@ -1,25 +0,0 @@
-# Analysis Methods
-
-This document describes only the data sources and factual binary/trace analysis techniques used in this forensic investigation.
-
-## Data Sources
- CS35L27 8051 firmware binary (Region 32, 4096 bytes) extracted from hardware.
- `codecctl.txt`: Registry and configuration dump obtained via device utilities; used for register offset and initialization value analysis.
- TraceV3 files: 
-    - logdata_LiveData.tracev3 (3.3 MB)
-    - 00000000000076e4.tracev3 (7.6 MB)
-    - 000000000000442d.tracev3 (870 KB)
-    - 00000000000012fa.tracev3 (643 KB)
-    - 0000000000000005.timesync (46 KB)
-
-## Objective Analysis Techniques
-
- Static code analysis of 8051 binaries using Ghidra and Binwalk.
- String and pattern search via `strings`, regex, and custom scripts.
- Use of `codecctl.txt` for mapping register use and initialization state.
- Function boundary, call/return and jump/dispatch analysis via 8051 disassembly.
- Entropy mapping of binary regions for obfuscation/encryption checks.
- Systematic cross-check of firmware code/constant addresses with observed runtime behaviors in TraceV3 (hex and ASCII context).
- Counting and cataloging of event types including extended I2C commands, GPIO toggling, and I2S register values.
-
-No non-public sources, inference, or speculation beyond direct result of binary/runtime/config file examination are recorded here.