Oxygen Forensic Detective - универсальный криминалистический инструмент для исследования данных мобильных устройств. Продукт позволяет выполнять полное извлечение данных, проводить исчерпывающий анализ данных, хранящихся на телефонах и в облачных хранилищах.
Развитие мобильных телефонов достигло той стадии, когда смартфоны "знают" о своих владельцах больше, чем их настольные компьютеры и ноутбуки. Из-за непрерывно меняющейся отрасли получать информацию с мобильных телефонов стало сложнее по причине использования шифрования, сложных паролей и биометрических средств защиты, например на основе отпечатков пальцев. В то же время, все больше пользователей синхронизируют данные мобильных устройств и делают их резервные копии, обращаясь к облачным службам на основе собственных разработок различных компаний или технологий сторонних поставщиков. Следовательно, нашим клиентам срочно требовалось полное и универсальное решение, которое бы могло производить сбор «мобильных» данных со всех продающихся устройств, обобщение полученных данных, а также позволяло бы выполнять расширенный анализ этой исключительно важной информации. Таким решением является пакет Oxygen Forensic Detective.
В составе продукта: • усовершенствованное средство Oxygen Forensic Cloud Extractor — встроенная служебная программа, собирающая данные из облачных служб хранения данных; • средство Oxygen Forensic Maps — встроенная служебная программа, работающая с данными геоинформационных систем, определяющая часто посещаемые места, помогающая строить маршруты по данным пользователя и определять, где часто бывали владельцы устройств по образам памяти нескольких устройств; • Oxygen Forensic Call Data Expert — встроенная служебная программа для импорта записей данных о вызовах (так называемые CDR-файлы) любого поставщика услуг беспроводной связи и визуального анализа соединений абонентов.
Поддержка новых ОС и устройств: Oxygen Forensic® Detective 12.0 обеспечивает поддержку Apple iOS 13, Android 10, Apple iPhone 11, Apple iPhone 11 Pro, Apple iPhone 11 Pro Max и более 1500 устройств Android, включая Xiaomi, Mi 2A, Xiaomi Mi 9 Lite , Samsung Galaxy Fold, Samsung Galaxy Fold 5G, Samsung Galaxy Note 10, Samsung Galaxy Note 10 5G и т. д.
detective features -Finds passwords to encrypted backups and images -Bypasses screen lock on popular Android OS devices -Acquires flight history and media files from drones -Extracts data from cloud services and storages -Acquires data from IoT devices and smartwatches -Collects user data and credentials on PCs -Offers import and analysis of call data records -Provides data analysis, including Facial Recognition
accounts and passwords: The Accounts and Passwords section displays logins, passwords and tokens extracted mobile devices. The program decrypts credentials from the iOS keychain and Android KeyStore, finds them in application databases and web forms. Investigators can find passwords and tokens to various applications.
advanced physical methods Oxygen Forensic® software offers advanced physical extraction for LG, Motorola, Samsung, MTK, Spreadtrum and Qualcomm devices. This method enables lock screen bypass and requires no root rights.
Applications The applications section displays user data that has been extracted and parsed from popular Social Networks, Messengers, Web Browsers, Navigation, Productivity, Travel, Finance, Fitness, Drone and Multimedia apps. Investigators can view app account details, contacts, messages, calls, logs, cache, and other relevant data. Even encrypted apps are decrypted and displayed in this area!
backup and image import Oxygen Forensic® software imports and parses dozens of various device backups and images created in official device software, third-party programs or other forensic tools. Investigators can import iTunes, ADB, and Nokia backups, JTAG/ISP,CHIP-Off and Nandroid images, XRY ,UFED, and full file-system images to name a few.
Calls The Calls section provides access to phone and App calls. Investigators can apply various filters as well as export all or selected data to supported file formats.
cdr analysis The built-in Oxygen Forensic® CDR Expert allows importing and analyzing of CDR files received from mobile service providers regardless of the difference in their column formats and file layouts. The program conveniently guides the investigator through the process of call data records file importing and any field mapping that is required to convert the file into a unified format. CDR Expert then visualizes direct and indirect links between callers on a graph.
Cloud Data The built-in Oxygen Forensic® Cloud Extractor acquires data from the most popular cloud services to include: WhatsApp, iCloud, Google, Microsoft, Mi Cloud, Huawei, Samsung, E-Mail (IMAP) Servers and more. Also, various social media services are supported to include but not limited to: Facebook, Twitter, Instagram, and many more. Investigators can use usernames and password combinations or tokens extracted from the mobile device or PC to gain access to a cloud storage even when two-factor authentication is enabled on selected services.
Contacts Contacts section displays contacts obtained from various sources: standard phonebook, calls log, messages and application databases. Contacts with the same fields are merged into one meta-contact. Contacts Data can be used at both the case level and device level of the examination.
Data Reports Oxygen Forensic® Detective enables the export of data from any section to many popular file formats including: PDF, XLSX, XML, HTML, JSON Project VIC. A report can be created to include a single device, several devices, several sections or even selected records. Reports are highly customizable to display only the data required, for any type of case. Our XML reports can be integrated into many popular analytic software platforms with our built in XML export specification documentation. Export to Relativity software is also available.
Data Search Oxygen Forensic® software has a powerful built-in interface for data search. Searching can be conducted on all devices, at the case level and at the device level. Investigators can search data according to the information entered in the input field, by keyword lists, hashes, using regular expressions or choosing any other available method. Search is launched as a separate process so investigators are free to work with the software during the search process.
The search process can search within files to uncover data that has not been parsed, often uncovering valuable data within SQlite databases, log files, and property lists.
Device Information The device information section gives you the general information about the acquired device. It shows various attributes, like the device specifics (e.g., make, model), SIM and network information, phone numbers and case details. Investigators can also find summary information of all the device owner’s accounts. Moreover, the Statistics tab shows the detailed statistics about extraction: Top 10 applications with the greatest number of communications, Top 10 groups, Top 10 contacts, Last contacted, Key Evidence with tags and notes.
Drone Data Oxygen Forensic® Detective can perform physical extraction of drones and parse GPS locations showing valuable route data in our built-in Timeline section and the built-in Oxygen Forensic® Maps. The software also allows the investigator to import drone log .dat files directly into Oxygen Forensic® Maps to visualize locations and track a drone route, as well as physically extract the internal memory on select DJI drones. Also available, data parsing from many drone applications, like DJI Go, Flight It Pro for iOS and Android devices. And finally, the software allows to extract data from drone cloud services, like DJI cloud, SkyPixel and Parrot.
encrypted backups and images import Oxygen Forensic® software enables decryption of iOS and Android backups and images. The built-in Passware mobile kit module helps to find passwords with latest algorithms and technologies including distributed processing and GPU acceleration with ATI and NVIDIA boards. The available attacks include brute-force, dictionary, Xieve, etc. and are highly optimized to deliver the result in the shortest amount of time.
facial recognition Oxygen Forensics now offers the most innovative and powerful ability to allow investigators to categorize human faces using built-in facial recognition technology. The facial recognition component can be downloaded from the customer area at no additional charge. Once installed investigators will now have access to the Faces section of Oxygen Forensic® Detective.
Files The Files section grants access to user’s photos, videos, documents and device databases. Built-in Text, Hex, Multimedia, SQLite and Plist viewers allow investigators to examine files and their metadata. Rich filtering and powerful search help to focus only on the required evidence. The section can be built for several devices in the same case.
Информация о софте: Дата выпуска: 2019 Разработчик: www.oxygen-forensic.com Платформа/ОС: Windows 7/8/8.1/10 Язык интерфейса: Multilanguage / English Лекарство: В комплекте Размер: 1.57 GB
