Oxygen Forensic Detective
Product Code: AP-OXY-DET
Advanced software to extract data from multiple sources
- Includes all the functionality of Oxygen Forensic® Analyst
- Finds passwords to encrypted backups and images
- Disables screen lock on popular Android OS devices
- Extracts data from clouds: iCloud, Google, Microsoft, etc.
- Offers import and analysis of call data records
- Visualizes routes and common locations of several users
Try Oxygen Forensic Detective Free for 30 Days
This trial version includes all of the features and functionality of the full, paid version. However, reports generated will feature a “Demo Version” watermark.
Oxygen Forensic Detective Features
Analyze contacts from multiple sources such as the Phonebook, Messages, Event Log, Skype, chat and messaging applications in Aggregated Contacts. Section automatically reveals same people in different sources and groups them together in one meta-contact.
Rooting a device based on Android OS reveals the complete set of user data to the investigator. Generally this procedure needs certain knowledge and research, but Oxygen Forensic® Suite helps experts to automate this operation.
Oxygen Forensic® Analyst retrieves all vital application data from mobile devices running iOS, Android OS, BlackBerry 10, Windows Phone 8. Oxygen Forensic® Analyst is able to decrypt apps databases even if they securely encrypted. Currently 320 unique applications and 1780+ app versions are supported.
Oxygen Forensic® Suite Analyst allows to import and parse data from various device backups and images created by sync software or other forensic products.
BBB and IPD are the Blackberry device backup files made with Blackberry Desktop Manager. These files can be found on a suspect computer or external media like CD, DVD, memory disks and cards etc. Oxygen Forensic® Suite is able to extract and present forensically important information from backup files and chip-off images.
Calendar & Tasks
Organizer section displays notes, tasks, and calendar entries created or synchronized by device user. The set of sub-sections and their features depends on the seized device manufacturer and exact model.
Call Data Records
Oxygen Forensic® Call Data Expert is a forensic program that allows importing and analyzing CDR files (Call Data Records) received from mobile service providers regardless of the difference in their column formats and file layouts.
Chinese Phones Support enables forensic experts to extract data from popular phone replicas and low-cost devices. Oxygen Forensic® Suite is able to acquire from Chinese devices important user data like event log, messages, contacts and files.
Cloud Data Extraction
Oxygen Forensic® Detective acquires data from more than 20 cloud storages: iCloud contacts and calendar, Google Drive, Google Location History, Live contacts and calendar, OneDrive, Dropbox and Box as well as from a wide range of social media including Twitter and Instagram.
Data Scout retrieves subscriber data from any extracted phone number. It interacts with online lookup services to gather intelligence information of collected phone numbers from mobile device extractions.
Various data viewers help experts to analyze extracted data in a convenient way. Oxygen Forensic® Suite has built-in HEX-viewer, picture viewer, music and video players, text viewer with code page converter, HTML, SQLite and Plist Viewers.
Device information section displays complete technical information about the device. This includes Manufacturer, Retail Model Name, Platform and its revision, IMEI, MAC addresses, IMSI, Serial Number, phone number and any other model specific data.
Dictionaries section shows all the words ever entered in device messages, notes and calendar. These are not words from the device system dictionary, they are from unique user dictionary that is created by device owners when using it.
Event Log section contains users’ voice communication: dialed, received and missed calls. Experts find here call time, duration and remote party. Recovering deleted calls is available for certain types of devices: iOS and Android OS smartphones.
File Browser section is a powerful tool to access and analyze user photos, videos, documents and device databases. Built-in text, hex, multimedia, SQLite, Plist viewers, Geo-location and EXIF extractors help experts to view files and their properties.
Web Connections & Locations section reveals suspects’ visited places and routes. Experts can analyze several sources of Geo data: Wifi connections, IP connections and Locations databases.
Global Search allows discovering user data in every section of the device. Tool offers searching for text, phone numbers, emails, geo coordinates, IP addresses, MAC addresses, Credit Card numbers. Regular expressions library
iTunes backup found on a suspect computer is a regular practice due to the popularity of Apple devices. Oxygen Forensic® Suite offers experts an easy way to extract suspects’ private data from the iTunes backup files.
Key Evidence section offers a clean, uncluttered view of evidence marked as essential by investigators. Forensic specialists can mark certain items belonging to various sections as being essential evidence, then review them all at once regardless of their original location.
Links and Stats
Quickly reveal social connections between users of mobile devices under investigation and their contacts. Links and Stats section provides a convenient tool to explore social connections between device users by analyzing calls, text, multimedia and e-mail messages and Skype activities.
Locked devices acquisition
Oxygen Forensic® Detective offers a new physical method for Samsung Android devices using our forensic custom recovery function. This approach covers the latest Samsung devices based on Android OS, like Galaxy S5, Galaxy S6, etc.
Messages section contains users’ correspondence including SMS, MMS, Emails, iMessages and other depending on the device type. Recovering deleted messages is available for certain types of devices: iOS, Android OS and Symbian OS smartphones.
Oxygen Forensic® Suite grants the access to popular Navigation applications and reveals POIs, routes and searches that device user made.
Oxygen Forensic® Maps
Oxygen Forensic® Detective acquires geo coordinates from all possible sources including: mobile devices, cloud storage, media cards, and imported images.Once analyzed, the data can be viewed within both online or offline maps.
Passware Kit Module
Passware Kit Mobile Module enables straightforward data acquisition and decryption regardless of the data source: smartphone, tablet, cloud service or backup file.
Passwords section displays logins and passwords extracted from default secure storage like keychain database. Applications files can also contain this valuable data. Oxygen Forensic® Suite parses them for it and displays nearby.
Phonebook section contains users’ contacts with all its data: name, occupation, phone numbers, addresses, emails, notes. Depending on the device experts gain access to the private information of the contacts, like birthdays, relatives’ names and anniversaries.
Plist files, known as Property List XML Files, contain a lot of valuable forensic information in Apple devices. Browser history, Wi-Fi access points, speed dials, Bluetooth settings, global applications settings, Apple Store settings and even more data can be extracted from .plist files.
When it comes to solving a crime, reports are one of the most important things for the investigator. Popular file formats and ability to export or print the whole set of data or only important parts helps experts to show the result of their work in the best way.
Screen Lock Disabler
With locked devices being a top forensic problem we are doing our best to invent new methods to recover digital evidence even in the most challenging cases.
Skype & Messengers
Oxygen Forensic® Suite supports a lot of mobile messengers like Skype, Facebook, WhatsApp, Viber and others.
Social Graph visualizes complex connections inside crime groups. This is a highly adjustable workplace that allows forensic experts to review connections between mobile device owners and their contacts, pinpoint connections between multiple device owners, and detect their common contacts.
Oxygen Forensic® Suite can detect spyware apps installed on Android and Apple devices, discover and process their logs and configuration files.
SQLite Viewer allows to explore the database files with the following extensions: .sqlite, .sqlite3, .sqlitedb, .db, .db3. Experts have the access to the actual and deleted data stored in databases created by system and user applications.
Timeline allows to view all facts of mobile device usage in one sorted list. This section organizes all calls, messages, calendar events, geo data and other activities in chronological way, so you can easily follow the conversation history without the need to switch between different sections.
Oxygen Forensic® Suite supports all popular Web browsers for Android OS, Apple iOS, BlackBerry OS and Symbian OS platforms.
Windows Phone Cloud
Smartphone users tend to have a backup copy of their data in the cloud, provided by their device manufacturer or a 3rd party. Windows Phone platform has own storage to securely save users’ contacts, messages, application data, settings, files and more. Oxygen Forensic® Suite is the industry-first forensic software that is able to extract data from My Windows Phone cloud.