From FileVault To T2: How To Deal With Native Apple Encryption

While Apple’s commitment to user privacy and security remains their priority, the field of computer forensics faces a solid challenge when it comes to extracting evidence from encrypted Apple devices. This article provides comprehensive insights into Apple’s native encryption, covering

How To Use The Macroblocks Filter In Amped FIVE

In this latest article, David Spreadborough, a Forensic Analyst at Amped Software, looks at why compression is a factor when analyzing video before giving us a run-through of the Macroblocks filter in Amped FIVE. Read on to learn more. You

Extracting Google Chrome Using Android Agent

Hey there everyone. It’s Ryan from your Oxygen Forensics training team, and today what we’re going to discuss is using our Android agent to collect Google Chrome data as a third party app on our Android devices. This is going

How To Preview Evidence On A Mobile Device

As smartphones continue to play an ever-increasing role in our lives, law enforcement, and digital forensics professionals are faced with the challenge of efficiently extracting and processing information from these devices. This is where  Mobile Device Investigator (MDI)  comes into

How To Scan A Mobile Device With Mobile Device Investigator

In today’s digital age, mobile devices have become an integral part of our lives. They store a wealth of personal information, making them an attractive target for malicious actors. Whether you’re an investigator, a digital forensics expert, or simply concerned

How To Use Rapid Hash Matching In The Battle Against CSAM

Technology has fast become a double-edged sword: the same advancements that allow for a more connected and more enjoyable life also put child safety at terrible risk. Child sexual abuse materials (CSAM) can nowadays be found in virtually any online

Amped Replay – Video Evidence Made Easy. And Safe!

Handling and storing Digital Media Evidence has plagued Law Enforcement agencies around the world for far too long. Copious amounts of discs, media cards and USB drives containing Police evidence in the form of video and audio recordings have come

How To Use The Validation Tool In Amped FIVE

In this how-to guide, we will cover validation and accreditation, the process of generating a dataset, and how to use the new Validation Tool incorporated into Amped FIVE. Validation of forensic processes has always been an imperative task for Forensic

When Did It Happen? Dealing With Timestamps in Amped FIVE

By David Spreadborough – Forensic Video Analyst at Amped Software There are several common components within a CCTV Video file. This article from Amped Software is going to dive into the data that links the image to the time when

Examining Vehicle Data With Magnet AXIOM

Hi, this is Kim Bradley with Magnet Forensics. Today, we’ll be learning how to process vehicle data by using an exported extraction from Berla’s iVe software.  First, to get the extraction you’ll need to export using iVe. You can do

How to Automatically Tag Your Assets During an Investigation

Binalyze exclamation point logo with screenshot of list of endpoints
How many Web Servers, Mail Servers, Domain Controllers, and other critical assets do you have on your network or the network you have been asked to investigate? More often than not, nobody can answer this question quickly and this slows

APK Downgrade in Oxygen Forensic Detective

Hey everybody. This is Josh Smith with the Oxygen Forensics training team. And today I’m going to show you a new extraction method:  the Android APK Downgrade method. The Android ADB backup is, like I said, a very common method,