Magnet AXIOM 3.7 Is Available With Google Warrant Returns, Mac Updates And More

Get Magnet AXIOM 3.7 as an update within AXIOM or as a download over at the Customer Portal today. AXIOM 3.7 provides support for Google warrant returns, KTX files, AFF4 physical images from Macquisition, and much more!

If you haven’t tried AXIOM yet, request a free 30-day trial here.


Support for Google Warrant Returns

Magnet AXIOM now supports Google warrant returns — giving law enforcement a potential wealth of information related to the owner of the Google account. AXIOM can be used to parse these returns and will provide investigators with information such as:


– Account Information

– Browsing History

– Chats

– Devices

– Login History

– Search History

– All media and documents included in the package — including Google Drive and Google Photos


KTX File Support

KTX image files are used on iOS devices to store critical information that could be useful in your investigations — information like snapshots of the application state when an app has been minimized and snapshots of web pages in Safari that remain open on tabs.


Ingest AFF4 Physical Images from Macquisition

You can now ingest and process the AFF4 physical images acquired from Macquisition. Starting in 2017, Mac computers have Apple’s T2 security chip providing hardware-assisted encryption for data stored on the system.


As an APFS Container on a T2 hardware-encrypted system is acquired, MacQuisition interfaces with the chip to decrypt the protected data, creating a decrypted physical image using the AFF4 format.


macOS Extended Attributes

Extended attributes are arbitrary metadata stored with a file on macOS. They are separate from the attributes that are strictly determined by the filesystem (such as modification time or file size). These attributes contain extra information about the file that is completely customizable.


AXIOM 3.7 lets you access the complete extended attributes of a file and preview them within a hex and text preview card.


For example, if you’re seeking information about how a file had arrived on the system, the attribute kMDItemWhereFroms provides examiners this context — whether it be from a web download, or via AirDrop.


Learn more about extended attributes, spotlight metadata, and the quarantine events database in this video from Trey Amick, Forensics Consultant:




Update to PhotoDNA

In AXIOM 3.7, we’ve updated our PhotoDNA library and have optimized our implementation to improve performance for those of you using PhotoDNA technology in your ICAC investigations.


New Advanced Filters

Get to the evidence faster by using “Include” or “Exclude” searches with multiple strings, as well as proximity searches (search for certain text near other text.) These filters are available for Global Keyword Search and column filters.


New Artifacts


– Wickr ME (iOS) – Learn more about Wickr ME in this blog from our Forensic Consultant, Mike Williamson.

– Chatous (iOS/Android)


Updated Artifacts

– Messenger (iOS)

– Snapchat (iOS)

– .m4a Videos

– Mail (iOS)

– Device Information (iOS)

– Android Contacts

– SMS/MMS (Android)

– Owner Information (iOS)

– Anti-Forensic Tools (Windows)

– Google Searches

– amcache (Windows)

– Human Trafficking Websites


Get Magnet AXIOM 3.7 Today!

If you’re already using AXIOM, download AXIOM 3.7 over at the Customer Portal. If you want to see how AXIOM 3.7 can help you find the evidence that matters, request a free 30-day trial today!


If you’re interested in a new solution, purpose-built for organizations needing to perform remote acquisitions and collect & analyze evidence from computers, cloud services, and mobile devices, then find out more about the beta program for our newest product: Magnet AXIOM Cyber.

Leave a Comment

Latest Videos

Data Extraction From UNISOC-Based Devices In Oxygen Forensic® Detective

Forensic Focus 16th November 2023 3:08 pm

Si and Desi talk to Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, and Emma Pickering, Head of Tech and Economic Abuse at Refuge. They discuss the impact of digital forensics and incident response (DFIR) in cases of domestic abuse. They highlight the prevalence of tech-enabled abuse, such as the use of stalkerware, and the need for comprehensive support and safety plans for survivors. 

They also talk about the challenges faced by law enforcement in investigating and prosecuting these cases, as well as the importance of training and awareness in addressing tech-enabled abuse. The conversation emphasizes the need for collaboration between organizations, tech developers, and law enforcement to effectively combat domestic abuse.

Show Notes:

Apple Support: How Safety Check on iPhone works to keep you safe - https://support.apple.com/guide/personal-safety/how-safety-check-works-ips2aad835e1/web
IBM: Five Technology Design Principles to Combat Domestic Abuse - https://www.ibm.com/policy/five-technology-design-principles-to-combat-domestic-abuse/
EFF: Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users  - https://www.eff.org/deeplinks/2023/09/today-uk-parliament-undermined-privacy-security-and-freedom-all-internet-users
Wesley Mission: More support to help escape family violence - https://www.wesleymission.org.au/about-us/what-we-do/helping-people-most-in-need/housing-and-accommodation/wesley-emergency-relief/more-support-to-help-escape-family-violence/
Refuge: How we can help you - https://refuge.org.uk/i-need-help-now/how-we-can-help-you/
Electronic Frontier Foundation - https://www.eff.org/

Si and Desi talk to Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, and Emma Pickering, Head of Tech and Economic Abuse at Refuge. They discuss the impact of digital forensics and incident response (DFIR) in cases of domestic abuse. They highlight the prevalence of tech-enabled abuse, such as the use of stalkerware, and the need for comprehensive support and safety plans for survivors.

They also talk about the challenges faced by law enforcement in investigating and prosecuting these cases, as well as the importance of training and awareness in addressing tech-enabled abuse. The conversation emphasizes the need for collaboration between organizations, tech developers, and law enforcement to effectively combat domestic abuse.

Show Notes:

Apple Support: How Safety Check on iPhone works to keep you safe - https://support.apple.com/guide/personal-safety/how-safety-check-works-ips2aad835e1/web
IBM: Five Technology Design Principles to Combat Domestic Abuse - https://www.ibm.com/policy/five-technology-design-principles-to-combat-domestic-abuse/
EFF: Today The UK Parliament Undermined The Privacy, Security, And Freedom Of All Internet Users - https://www.eff.org/deeplinks/2023/09/today-uk-parliament-undermined-privacy-security-and-freedom-all-internet-users
Wesley Mission: More support to help escape family violence - https://www.wesleymission.org.au/about-us/what-we-do/helping-people-most-in-need/housing-and-accommodation/wesley-emergency-relief/more-support-to-help-escape-family-violence/
Refuge: How we can help you - https://refuge.org.uk/i-need-help-now/how-we-can-help-you/
Electronic Frontier Foundation - https://www.eff.org/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_nSWQZe9gpVk

Protecting Victims From Stalkerware And Tech-Enabled Abuse

Forensic Focus 15th November 2023 11:11 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles