Offensive Mobile Forensics

There are many different locations containing interesting data on iOS devices. Data often resides in SQLite databases, the chosen format for local storage on mobile devices. The next best place to find sensitive information is in plist, or property list files – these are the primary storage medium for configuration settings in iOS, and they are also a fantastic source of sensitive information. User credentials are often stored here, instead of inside the KeyChain where they should be. Rounding out the top three data sources are binary or binary-encoded files, such as the device’s keyboard cache and pasteboard. Although storage locations commonly change with the release of new iOS firmware, it is fairly simple to poke around the general area and find what you’re looking for.

via Offensive Mobile Forensics.

Similarly to the configuration files for iOS, the XML files storing preferences for Android applications commonly include user credentials and other sensitive information.