WhatsApp data extraction via OxyAgent

When physical extraction is not supported for Android devices, investigators can use OxyAgent to run a logical extraction to collect a plethora of valuable data. Our OxyAgent is typically used to acquire basic artifacts, like contacts, calls, calendars, and messages. With our updated OxyAgent, logical extractions using Oxygen Forensic Detective 12.6 will now include valuable …

Revolutionary changes in Android logical extraction

Oxygen Forensics offers investigators a wide range of extraction methods for Android devices that include screen lock bypass methods, rooting, ADB backup creation, and a robust OxyAgent method for logical acquisition. Our OxyAgent allows investigators to collect important information to include contacts, calls, messages, calendars, files from both internal and external media cards, and more.  …

Selective Extractions: Popular App Data Extraction on iOS

It’s without a doubt that digital forensic tools make investigations more effective and efficient, but if your search only requires you to extract data from a few specific applications, you are forced to wait for a full file system extraction before you can access the necessary data. This issue can multiply your working time and …

Bypassing screen lock and decrypting physical dumps of Huawei devices based on Android OS v. 9 and 10.

Huawei is one of the three largest mobile device manufacturers. Huawei’s global smartphone market share was 3.3% in 2012 and as of 2019 has risen to 19%, which is quite impressive. Huawei devices are based on processors from various manufacturers including MediaTek and Qualcomm. However, the most popular, and flagship models, are based on the …

Everything you ever wanted to ask about Checkm8 and Checkra1n

What’s Checkm8? Checkm8 is an exploit (program exploiting OS or hardware vulnerabilities) aimed at obtaining access to the execution of its own software code at the earliest stage of iOS device loading. What makes it stand out? The richness, and honestly the hype, surrounding Checkm8 is that the vulnerability, which it is based, cannot be …