Agent Management Center Updates
Remote Slack data extraction from Android devices
We have added the ability to extract Slack data from Android devices via Wi-Fi using the new Android Agent available in the Agent Management Center. The extracted data set includes user info, linked devices, chats, contacts, later tasks, scheduled messages, and more. The ability to collect data from Slack addresses a critical need for modern investigations, as the platform is widely used in both personal and professional environments.
Computer Artifacts Updates
New artifacts
The following new computer artifacts are supported for extraction:
- Passwords from Bitwarden Password Manager web extension used in Brave, Chromium, Google Chrome, Microsoft Edge, Opera, Vivaldi and Safari browsers from Windows, macOS and GNU/Linux
- Passwords from NordPass from Windows, macOS and GNU/Linux
- RustDesk data from Windows, macOS and GNU/Linux
- MetaMask web extension used in Brave, Brave Nightly, DuckDuckGo, Google Chrome, Microsoft Edge, Opera, Vivaldi browsers from Windows, macOS, and GNU/Linux
Additionally, we have introduced the ability to recognize virtual machines on target desktop devices.
Mobile Forensic Updates
Selective app extraction for FFS extractions
Now, specific applications can be selected when extracting the Full File System from Android devices, eliminating the need and time required to extract all applications. This feature is currently available only when using the CVE-2024-31317 exploit.
Decryption of additional user data from Qualcomm devices
We have added support for extracting encryption keys and decrypting user data for additional users on Android devices based on Qualcomm chipsets.
Android Agent supporting Android 15
We have enhanced the Android Agent functionality, allowing data extraction from devices running Android OS 15. Extending Android Agent support to Android OS 15 enables investigators to gather evidence from more devices, enhancing efficiency and expanding forensic capabilities.
Import Updates
Data Import via CLI
Introducing the ability to import single or multiple extractions of the same type via the command line. This ability can save time when importing multiple extractions into Oxygen Remote Explorer simultaneously and enables seamless integration with other solutions.
Import of exported WhatsApp chats
Oxygen Remote Explorer now supports importing exported WhatsApp chats and parsing messages with attachments and shared contacts. Providing an additional source of data from WhatsApp, one of the most widely used messaging platforms, is always valuable for investigations.
General
Speech and Text recognition enhancements
You can now perform speech and text recognition on files in the Messages, Applications, Timeline, and Files sections. Simply right-click a file in the grid and select “Speech and Text Recognition.” The recognized results will appear in the right panel.
Export Updates
Data export to Reveal eDiscovery software format
We have expanded our data export capabilities to include the export of data in the load file format, specifically designed for integration with the Reveal eDiscovery platform.
Other updates to the Export engine include the ability to:
- Exclude messages based on tags when exporting from the Messages section
- Export the Accounts and Passwords section data to JSON file format
For a full list of updates, refer to the “What’s New” file in the “Options” menu. Interested in learning more about Oxygen Remote Explorer v.1.8?
About Oxygen Forensics
Oxygen Forensics is a global leader in digital forensics software, enabling law enforcement, government agencies, enterprises, law firms, and service providers to gain critical insights into their data faster than ever before. Specializing in remote and onsite access to digital data from cloud services, mobile and IoT devices, drones, device backups, UICC, and media cards, Oxygen Forensics provides the most advanced digital forensics data extraction capabilities, innovative analytics tools, and seamless collaborative analysis for criminal and corporate investigations to bring insight and truth to data.
