Oxygen Forensic® Passware® Analyst
Oxygen Forensic® Passware® Analyst is a brand-new and tightly integrated combination of two award-winning forensic tools in a single acquisition and analysis suite.
The new product enables straightforward mobile acquisition, extraction, decryption and analysis regardless of the data source.
Oxygen Forensic® Passware® Analyst can acquire information from a wide range of platforms and a great deal of individual models, supports acquisition and data extraction from live devices and device images, offline and cloud backups. In this update, the product adds iCloud backup to its more than 20 extraction methods.
The downloaded data presents the full iOS backup as a complete evidence set including all call, messaging and browsing history, the entire file system, applications, geolocation and deleted data, and much more.
Oxygen Forensic® Passware® Analyst:
- acquires full iPhone, iPad and iPod Touch backups from iCloud provided that the Apple ID credentials are known
- enables experts to recover passwords for:
- iTunes backups
- Android backups
- Android physical images
The product helps to find passwords with latest algorithms and technologies including distributed processing and GPU acceleration with ATI and NVIDIA boards.
Forensic specialists can view data in the easy-to-use interface, uncover deleted records, track user location, process extracted information with embedded analytical tools and print court-proven customizable reports.
How it Works – Features/Functions
Should an investigator encounter a password-protected data backup, Oxygen Forensic® Passware® Analyst automatically attempts to bypass or recover the password by using brute-force, dictionary, or other easily customizable attacks to deliver full access to protected information in the shortest time possible. Integrated password recovery with full GPU acceleration (AMD and NVIDIA cards), as well as distributed computing, is available for Android images, iTunes, and Android backups to further speed up the recovery.
In particular, Oxygen Forensic® Passware® Analyst offers advanced features and functions:
- Oxygen Forensic® Passware Analyst integrates mobile acquisition, data extraction, password recovery and evidence analysis into a single smooth workflow.
- The newly added password recovery module engages automatically if a password-protected or encrypted data backup or image is encountered, offering smooth automatic recovery and extraction of protected data with no manual operations required.
- The tool supports recovery of iPhone and iPad backup passwords (iTunes backup files, iOS 4.x – 7.x).
- Helps to recover Android backup passwords.
- Finds passwords for Android physical images (lockscreen passwords).
- Supports various password recovery attacks: brute-force, dictionary, password length, etc to bring expected results in the short period of time.
- All password recovery processes support GPU acceleration (both NVIDIA and AMD) and distributed computing.
- Incorporates 20+ extraction methods, including live data acquisition, various device backups and images import as well as extraction from the cloud.
- Supports live data acquisition from 9200+ mobiles devices running on iOS, Android OS, Windows Phone 8, Windows Mobile 5/6, RIM (Blackberry), Symbian OS, Bada OS, Chinese MTK chipset as well as feature phones.
- Acquires full evidence set: contacts, messages, calls, entire file system, user dictionaries, geo data, WiFi connections history and much more.
- Parses user data from 500+ most popular applications including as social networks, messengers, navigation, web browsers, productivity, etc and analyzes shared files and communications.
- Extracts passwords and gives an access to messengers, social networks, saved maps, cloud stores, mailboxes and other services.
- Automatically detects data for Spyware applications to identify if the device user has been watched for a certain period of time.
- Extracts geo-location data from all possible sources to determine what happened, when and even where.
- Offers embedded analytics of extracted data:
- Timeline. Reveals suspect's or victim's way of life with locations and communications before, during and after an incident.
- Social Graph. Finds evidence and reveals all social connections between multiple devices in just few clicks.
- Activity Matrix. Analyzes the most active periods of device usage and displays activity statistics for a particular person or time period.
- Aggregated contacts. Gains instant access to the most complete information about a contact available throughout the device.
- Links & Stats. Offers a quick glance over the user’s communication circles and determine most frequent contacts at a glance.
- Contains easy-to-use and the most effective algorithm to recover deleted records from SQLite databases for contacts, messages, calls and various apps.
- Supports cross-device customizable search engine to reveal phone numbers, e-mails, geo coordinates, CC numbers, hash values, IP or MAC addresses.
- Builds and prints reports using the most popular file formats (XLS, RTF, PDF, XML, CSV, TSV, etc.).