ElcomSoft Co. Ltd. updates Elcomsoft Cloud eXplorer, a digital forensic tool for remotely acquiring information from Google accounts. In its first major update, the tool gains Gmail acquisition support via Google’s proprietary API, adds printable reports for a wide range of data categories, and extracts information on who requested access to the Google account being investigated.
Elcomsoft Cloud Explorer is an all-in-one solution for acquiring and analyzing information collected and stored by Google in the user’s Google Account. The tool offers forensic specialists access to users’ search history, up to 6 years of detailed location history, contacts, email communications, Chrome browsing history, notes, messages, and much more. Featuring selective access and blazing fast acquisition, Elcomsoft Cloud Explorer is world’s most advanced tool for Google forensics.
“We’re working on making Elcomsoft Cloud Explorer a one-stop tool for investigating Google accounts”, says Vladimir Katalov, ElcomSoft CEO. “It’s hard to underestimate just how much Google knows about its users. We offer forensic specialists a single point of access to data that’s normally scattered around the many Google servers with unique APIs and data formats. With Gmail support and comprehensive reporting, Cloud Explorer gets one step closer to becoming truly irreplaceable for digital investigations.”
Background: What Google Knows About Its Users
Google is a dominant force in many areas. The search market, the Android platform, Google Photos, mail and cloud storage services are just a few to mention. Each and every service provided by Google contributes to Google’s insight about the users, collecting their current location and IP address, storing their search requests and taking a note on Web sites they visit via Google Chrome.
Google knows which search results are opened even if a third-party Web browser was used to fire a Google search. Android smartphones routinely report the user’s location to Google servers. Email messages, contacts, calendar events and a lot more data is synced via the user’s Google Account.
Most of this data can be extracted from Google servers. However, the information is provided in a wide range of data formats, and accessible via a number of different APIs. Acquiring Google data with bare hands is a lengthy and labour-consuming procedure. Elcomsoft Cloud Explorer was designed specifically to make it easy to acquire, view and analyze information stored in Google Accounts.
Gmail Acquisition and Analysis
Elcomsoft Cloud Explorer 1.10 offers investigators the convenience of fast Gmail acquisition and detailed analysis. The tool can download all or some email messages from the user’s Gmail account, allowing investigators specifying the exact period to acquire. Access to messages is implemented via Google’s proprietary Gmail API, which makes it possible to achieve unprecedented acquisition speed of about 3000 email messages per minute (subject to message size and connection speed). Putting things into perspective, this is approximately 5 times faster than Google Takeout, and about 3 times faster compared to a commercial IMAP client on the same Internet connection. Selective access to messages during the acquisition stage and unbeatable acquisition speed make Elcomsoft Cloud Explorer one of the fastest Gmail analytic toolkits on the market.
The built-in Gmail analyzer offers detailed searching and filtering through all downloaded messages, and provides valuable insight about downloaded messages. Thanks to the use of Google’s Gmail API instead of the commonly available POP3 or IMAP protocols allows the tool to distinguish between Read, Unread and Archived messages, recognize Gmail categories, labels, folders and conversation threads. Users can automatically filter messages that contain media attachments such as pictures, videos or documents. Complete message threads are instantly available as investigators search or browse through downloaded mail.
Version 1.10 adds a number of HTML reports, including User Infо, History, Chrome, Dashboard, Media, Locations, Calendars, Notes, Chats, Google Keep, and Contacts. Gmail reports are planned for the next release. HTML reports can be easily printed or viewed in any Web browser.
About Elcomsoft Cloud Explorer
Elcomsoft Cloud Explorer makes it easier to download, view and analyze information collected by the search giant, providing convenient access to users’ search and browsing history, Gmail messages and contacts, detailed location history going back up to 6 years, Google Keep notes, Hangouts messages, as well as images stored in the user’s Google Photos account. Google collects massive amounts of information from registered customers. Elcomsoft Cloud Explorer extracts information from the many available sources, parses and assembles the data, presenting information in human-readable form.
Supports Windows Vista, Windows 7, 8, 8.1, and 10, as well as Windows 2003, 2008 and 2012 Server.
Pricing and Availability
Elcomsoft Cloud Explorer is immediately available. North American pricing starts from $1995. Local pricing may vary. Elcomsoft Cloud Explorer is available stand-alone or as part of Elcomsoft Mobile Forensic Bundle ($2995), which includes a comprehensive range of mobile acquisition and analysis tools for devices running Apple iOS, BlackBerry 10, Windows Phone and Windows 10 Mobile.
About ElcomSoft Co. Ltd.
Founded in 1990, ElcomSoft Co. Ltd. develops state-of-the-art computer forensics tools, provides computer forensics training and computer evidence consulting services. Since 1997, ElcomSoft has been providing support to businesses, law enforcement, military, and intelligence agencies. ElcomSoft tools are used by most of the Fortune 500 corporations, multiple branches of the military all over the world, foreign governments, and all major accounting firms. ElcomSoft is a Microsoft Partner (Gold Application Development), Intel Premier Elite Partner and member of NVIDIA’s CUDA/GPU Computing Registered Developer Program.