Oxygen Forensic® Detective 15.4 Introduces Support For iFlight Drone Logs And Huawei Health Cloud

by

The latest update to our all-in-one solution is here, Oxygen Forensic® Detective v.15.4!

This version introduces the following key features:

Extraction of Google Chrome artifacts via Android Agent

Oxygen Forensic® Detective v.15.4 enables extraction of Google Chrome artifacts via Android Agent from any supported unlocked Android device. Android Agent can be installed on a device via USB, WiFi, or OTG device. Once the acquisition process is finished, the Android Agent extraction can be imported into Oxygen Forensic® Detective for review and analysis. Evidence sets will include account details, saved logins and passwords, credit cards, history, opened tabs, bookmarks, and downloads.

iOS Agent updates

In the recent versions of Oxygen Forensic® Detective, we’ve added two enhancements for iOS Agent method:

  • In the minor update of Oxygen Forensic® Detective v.15.3.1 we’ve added the ability to extract the full file system via iOS Agent from iOS devices running versions 15.0 – 15.7.1 and 16.0 – 16.1.2.
  • Oxygen Forensic® Detective v.15.4 now allows selecting an exploit if several are available for the particular iOS device model.

App support

In Oxygen Forensic® Detective v.15.4, we’ve added support for the following new apps:


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

  • iScanner (Apple iOS, Android)
  • Notion (Apple)
  • Session (Android)
  • Telegram Web (Android)

The total number of supported app versions now exceeds 36,300.

Import of iFlight drone logs

We’ve enhanced our drone support by adding the ability to import and analyze iFlight drone logs that can be found on memory cards of remote controls. Evidence sets will include the following parameters: flight date and time, geo coordinates, battery level, altitude, and ground speed. The flight can be visualized on the built-in map in our software.

Import of iVe backups of vehicles

Now you can import and parse vehicle evidence from Berla iVe backups. To do this, click the “Third-party extractions” option in the Home screen and follow the instructions. The evidence set may include detailed vehicle information, connected mobile devices, calls, vehicle speed info, search and location history, files from the vehicle multimedia system, and other available artifacts.

Import of MD-Next extractions

Oxygen Forensic® Detective v.15.4 can now ingest and parse MD-Next physical extractions of Android devices. Evidence sets will include all data, including apps.

Huawei Health extraction

We are enhancing our support for cloud fitness apps, and with this release, we are incorporating extraction of Huawei Health data via login and password, token, phone number, or QR code. Extracted evidence will include all health data: workouts, medical data, routes, and more.

Telegram updates

We’ve significantly improved support for the latest Telegram features. Now you can extract more data from Telegram cloud:

  • recent actions of group chats that are available to the group admins
  • group chats with enabled topics
  • collectible usernames

We’ve also updated the ability to extract Telegram tokens from Apple iOS devices.

KeyScout updates

With the updated Oxygen Forensic® KeyScout, investigators can perform the following:

  • extract data from drives and images with Logical Volume Manager partitions
  • analyze Windows RAM images in padded RAW and Crash Dump (DMP) formats while analyzing drives or drive images
  • collect and filter files by size.

New and updated artifacts

A number of artifacts were introduced and updated in KeyScout. Users can collect the following new artifacts:

  • a web version of WhatsApp from Chromium, Microsoft Edge, Brave, and Vivaldi browsers from Windows, macOS, and Linux
  • a web version of Slack from Chromium, Brave, and Vivaldi browsers from Windows, macOS, and Linux
  • a web version of Instagram from Chromium, Microsoft Edge, Brave, and Vivaldi browsers from Windows, macOS, and Linux
  • AnyDesk data from Windows, macOS, and Linux
  • Find My data from macOS
  • the list of system user accounts and groups from macOS
  • VPN connection settings from Windows

Updated artifact support includes:

  • Amazon Photos from Windows and macOS
  • the information about Bluetooth devices from macOS

Interested in trying out Oxygen Forensic® Detective v.15.4? Request a free trial.

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
In this webinar, David Spreadborough, Forensic Analyst at Amped Software, provides a closer look at those important early stages in investigations involving video evidence. Starting with establishing the integrity of the digital data and evaluating the authenticity of the produced visual image. From demonstrative timelines to speed estimation, the evidential foundations are paramount in every case. Failure to consider these steps and misinterpreting the data can cause unnecessary delays, mistakes, and potentially even miscarriages of justice. Amped FIVE is used to conduct data analysis, file conversion, and assessment of image reliability. Useful links: Amped FIVE - https://ampedsoftware.com/five Video Evidence Principles - https://blog.ampedsoftware.com/2023/0... CCTV Acquisition introduction - https://blog.ampedsoftware.com/2023/0...

In this webinar, David Spreadborough, Forensic Analyst at Amped Software, provides a closer look at those important early stages in investigations involving video evidence. Starting with establishing the integrity of the digital data and evaluating the authenticity of the produced visual image.

From demonstrative timelines to speed estimation, the evidential foundations are paramount in every case.

Failure to consider these steps and misinterpreting the data can cause unnecessary delays, mistakes, and potentially even miscarriages of justice.

Amped FIVE is used to conduct data analysis, file conversion, and assessment of image reliability.

Useful links:

Amped FIVE - https://ampedsoftware.com/five
Video Evidence Principles - https://blog.ampedsoftware.com/2023/0...
CCTV Acquisition introduction - https://blog.ampedsoftware.com/2023/0...

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_dnSPwNdMn5M

Investigating Video: The Vital First Steps

Forensic Focus 13th May 2024 10:09 am

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-may-10-2024/ #dfir #digitalforensics

Read more at https://www.forensicfocus.com/news/forensic-focus-digest-may-10-2024/ #dfir #digitalforensics

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_QVjq2Xu_MQ8

Forensic Focus Digest, May 10 2024 #dfir #digitalforensics

Forensic Focus 10th May 2024 12:43 pm

In this webinar, Jordan Portfleet from the Oxygen Forensic Training Team introduces KeyDiver, a new module integrated into Oxygen Forensic Detective. KeyDiver is designed to find passwords to decrypt various encrypted data sources like BitLocker and FileVault2 encrypted volumes, encrypted ZIP files, Apple Notes, Telegram Desktop app, and more. Jordan provides an in-depth walkthrough of KeyDiver's features and demonstrates how to create different types of brute force attacks like mask attacks, dictionary attacks, and custom password guessing. He explains the various settings available for customizing attacks, managing GPU utilization, monitoring progress, and more. Jordan also shares tips on leveraging additional data sources and social engineering techniques to improve password guessing success rates.

In this webinar, Jordan Portfleet from the Oxygen Forensic Training Team introduces KeyDiver, a new module integrated into Oxygen Forensic Detective.

KeyDiver is designed to find passwords to decrypt various encrypted data sources like BitLocker and FileVault2 encrypted volumes, encrypted ZIP files, Apple Notes, Telegram Desktop app, and more.

Jordan provides an in-depth walkthrough of KeyDiver's features and demonstrates how to create different types of brute force attacks like mask attacks, dictionary attacks, and custom password guessing. He explains the various settings available for customizing attacks, managing GPU utilization, monitoring progress, and more.

Jordan also shares tips on leveraging additional data sources and social engineering techniques to improve password guessing success rates.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_3hDBpcA9rdw

Oxygen Forensic® KeyDiver

Forensic Focus 9th May 2024 11:08 am

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles

Investigating Video: The Vital First Steps
Webinars

Investigating Video: The Vital First Steps

ByAmpedSoftwareMay 13, 2024
Forensic Focus Digest, May 10 2024
News

Forensic Focus Digest, May 10 2024

ByForensic FocusMay 10, 2024
Oxygen Forensic® KeyDiver
Webinars

Oxygen Forensic® KeyDiver

ByOxygenForensicsMay 9, 2024
Detego Global Announces Webinar To Demonstrate The Powerful New Features Of Detego v4.16
News

Detego Global Announces Webinar To Demonstrate The Powerful New Features Of Detego v4.16

ByDetego Digital ForensicsMay 8, 2024
Digital Forensics Round-Up, May 08 2024
News

Digital Forensics Round-Up, May 08 2024

ByForensic FocusMay 8, 2024
UK Parliamentary Legislation Introduced Against Deepfakes
News

UK Parliamentary Legislation Introduced Against Deepfakes

ByForensic FocusMay 2, 2024