> For the complete documentation index, see [llms.txt](https://pellaeon.gitbook.io/mobile-forensics/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://pellaeon.gitbook.io/mobile-forensics/android/check-if-developer-options-is-enabled.md). # Check if Developer Options is Enabled If USB Debugging in [Developer Options](https://developer.android.com/studio/debug/dev-options) is enabled, one can control a phone using the Android Debug Bridge (ADB) over USB, or over Wifi if Wifi Debugging is enabled. ADB would also allow attackers to drop executables onto the phone in `/data/local/tmp` and execute it as the `shell` system user. Unless the phone under check is being used for Android App development, **it is not normal for USB Debugging to be enabled.** You should find out the reason why and when the user enabled it. If USB Debugging is enabled, you should: * Check whether there are apps installed via ADB, and if so, analyze these apps. * Check for suspicious files under `/data/local/tmp` Once you have determined that no malware was installed using ADB, USB Debugging should be disabled. For high risk users, checking the two items above is not sufficient, since there are many other ways ADB could be used to infect a device, and it might also be possible that after the infection the attacker cleared out their traces. Thus, we recommend factory wiping the device before continue using it. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://pellaeon.gitbook.io/mobile-forensics/android/check-if-developer-options-is-enabled.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.