Join Us!

Notifications
Clear all

Cellebrite vs XRY  

  RSS
jm25
 jm25
(@jm25)
Junior Member

I was just looking for opinions. My department only has a budget to get one mobile forensic kit. I have used XRY extensively in the past, but have heard good things about Cellebrite too. If you could only get one kit, which would it be? For the time being we are only getting a logical version of either.I am in Europe, so I will be dealing pretty much exclusively with GSM devices.

On price, XRY is working out a little bit more expensive in the long run. Its 1500 euro cheaper initially, but the renewal prices are 1500 dearer per year (give or take).

Thanks,

JM25

Quote
Posted : 10/12/2012 3:18 pm
Doug
 Doug
(@doug)
Active Member

What does your department do? Forensics? eDiscovery?

Its like choosing between a Canon or a Nikon camera, they are both damn good solutions.

If you are working with ED at all then you might find Cellebrite better as a few of the big tool vendors support the ingestion of Cellebrite XML files. I know that some will work with XRY XML files, but I don't know to what level.

ReplyQuote
Posted : 10/12/2012 3:56 pm
jm25
 jm25
(@jm25)
Junior Member

Hi Doug, Thanks for that, that's interesting. We do actually provide E-Discovery services so that might change everything -).

Thanks a lot.

ReplyQuote
Posted : 10/12/2012 5:39 pm
alex101
(@alex101)
Active Member

Are you looking at the Physical/Complete (recover deleted & unallocated) versions of the two tools or the Logical extraction versions?

If the latter is your choice then we have found XRY to be the better due to wider range of data extracted in logical examinations. If the former is your choice… then it depends on the handset you are examining.

I'm not really sure there is a simple answer as they both have a lot to offer.

Just to throw another hat in the ring, have you considered Oxygen Forensic? Also a very good tool to have in your kit and quite a bit cheaper I believe.

ReplyQuote
Posted : 10/12/2012 9:39 pm
ForensicRanger
(@forensicranger)
Active Member

My shop uses a multitude of mobile forensics tools - all of which come in handy and have paid for themselves. That being said, Cellebrite is our main go to tool, particularly for parsing BB physical/logical extractions as well as conducting iPhone extractions. Their reporting feature is really quite good and their support is second to none.

ReplyQuote
Posted : 11/12/2012 2:25 am
Adam10541
(@adam10541)
Senior Member

Given how close the two are the Cellebrite adds portability without the need for a laptop, so that may give it an edge if you need to do work on site.

Oxygen may be fine for a pure software solution but it's not even in the same league as XRY and Cellebrite, so I would never consider this as anything other than an extra "just in case", and given it doesn't come with any cables you will still have to go and source all the cables and chargers etc you need.

ReplyQuote
Posted : 11/12/2012 5:25 am
jm25
 jm25
(@jm25)
Junior Member

Thanks for the advice. Do you have to use Cellebrites hardware? I only ask because, as nice as it is, it presents a single big point of failure if something does go wrong with it. Where as a software based solution such as XRY can be installed on many machines, swapping the dongle as needed.

Appreciate every bodies input, thanks.

ReplyQuote
Posted : 11/12/2012 1:57 pm
ForensicRanger
(@forensicranger)
Active Member

Thanks for the advice. Do you have to use Cellebrites hardware? I only ask because, as nice as it is, it presents a single big point of failure if something does go wrong with it. Where as a software based solution such as XRY can be installed on many machines, swapping the dongle as needed.

Appreciate every bodies input, thanks.

We've done 1000s of devices on our UFED Pro/Ultimate without any isses on the Cellebrite box.. we have had connectors brake on the cables but no issues with the UFED.

ReplyQuote
Posted : 12/12/2012 1:16 am
yunus
(@yunus)
Active Member

Here is a comparison of XRY vs Cellebrite, based on my observations.

1. XRY has to be connected to a computer for use. Cellebrite could be used stand alone.
2. XRY does Not have enough support for chinese phones. Cellebrite has good support for chinese phones. Seperate module for those phones Chinex
3. XRY Lots of errors during installation. No such problem in cellebrite.
4. XRY recognizes far less phones than Cellebrite does. Cellebrite recognizes the highest number of phones of all the forensic products.
5. Support by e-mail is slow. Cellebrite gives quick support.
6. Updating xry is difficult. You have to update reader and the pack seperately. Cellebrite's update is very easy and fast. Just connect the cable to the UFED device.
7. XRY Slow operation esp. in the first use. CellebriteNo such problem.
8. XRY Might require programming skills in Phython. No such problem in cellebrite.
9. XRY USB power may not be sufficient. For instance; samsung galaxy phones. No such problem in cellebrite.
10. You can use XRY in any computer as it operates with a dongle. You can take the dongle to any computer. Cellebrite is difficult when it comes to moving its software to another computer in your lab. The software is dependent upon the hardware and requires some special codes from the company for installation to another computer.
11. English menus are badly written. There is no letter in english language such as an I with a dot on top, however XRY uses such a letter, which gives the impression that quality checks are not properly made in terms of interface. No such problem in cellebrite.
11. XRY supports more languages in reporting including Turkish. Celleberite no support for Turkish in reporting.

My overall evaluation is that Cellebrite is far more better than XRY.

ReplyQuote
Posted : 14/01/2013 12:59 am
TomP
 TomP
(@tomp)
Junior Member

I'm lucky enough to work in a lab that has a large proportion of the current forensic tools available. In day to day work XRY is my go to tool, it offers support for a huge amount of devices and while perhaps not as many as Cellebrite it is rare that I am unable to extract a device with it. I work mainly in a forensic role as opposed to an ediscovery role and find the outputs from XRY easier to work with; the media files export is better in XRY as it gives you the individual images and a text file with the meta data to go with these images.

I guess in your case I'd be looking at what Doug says, if you are carrying out ediscovery work then the support with other software packages for the outputs from Cellebrite is a feature that would be on the top of my list. I'd perhaps look further into this integration given your ediscovery work.

I don't think you'd be disappointed with either but personally for my application I would go for XRY however this is all subjective and I guess my increased familiarity with XRY is why I go to that first.

If you have any specific questions about the software feel free to PM me.

PS, I had no issues installing either package on my machine and use a powered USB hub for connecting devices. You do have to use the Cellebrite hardware for the initial extraction. XRY you just need the software installed on you machine and a dongle. Cellebrite you need the unit then a computer to look at the output and the software on that computer. Both packages come with a small nest of cables covering *nearly* all eventualities.

ReplyQuote
Posted : 14/01/2013 7:20 pm
rjudy55
(@rjudy55)
New Member

..

ReplyQuote
Posted : 26/01/2013 3:40 am
Share: