archives

How-Tos

This category contains 44 posts

How To Decrypt WhatsApp Messages With Oxygen Forensic Detective

Welcome to Oxygen Forensic Detective’s Knowledge Nuggets. In this video we’re going to discuss decrypting WhatsApp messaging. Let’s go over a few very important points that you need to consider before analyzing WhatsApp.  Number one: always place the device in airplane mode. This is important for many reasons, but the reason specific to WhatsApp is … Continue reading

How To Extract Cloud Data Using Oxygen Forensic Detective’s Cloud Extractor

Welcome to Oxygen Forensic Detective’s knowledge nuggets. In this video, I will show you how simple it is to extract cloud data using Detective’s Cloud Extractor. If you weren’t already aware, Oxygen Forensic Detective has a lot more to it than just extracting and parsing cell phones. Our Cloud Extractor is included, meaning if you … Continue reading

How To Acquire Cloud Data With MD-CLOUD

‘17.5 Zettabytes.’ This is the amount of data that the IDC estimates will be generated annually by 2025, and among those numbers, cloud traffic is expected to grow and reach 18.9 Zettabytes by 2021. This tremendous amount of cloud data is generated and fueled in the course of building driver assistance and autonomous vehicle technologies; … Continue reading

How To Analyze Call Data Records In Oxygen Forensic Detective

Hi, this is Amanda Mangan with Oxygen Forensics. In this video, we’re going to go over Oxygen Forensics’ Call Data Expert. The first thing we’ll discuss is, what exactly is a CDR? A CDR is a call data record, and we’ll talk about the different carriers and the different information that may come with each … Continue reading

How To Parse AirDrop Artifacts In Magnet AXIOM

Hey everyone, Trey Amick from Magnet Forensics here. Today we’re going to be looking at a new set of artifacts specific to Mac investigations, which will be released as part of the AXIOM 3.8 release. Today we’re going to be looking at dedicated AirDrop artifacts that AXIOM can now parse out. AirDrop is a service … Continue reading

How To Use Social Graph In Oxygen Forensic Detective

Hello, this is Keith Lockhart from the Oxygen Forensic training department, and this video is talking about the Social Graph inside Oxygen Forensic Detective. To fully understand the Social Graph and the things it can do for you, you kind of have to understand several other facets of your data and how that data is … Continue reading

How To Search For Visual Data With Griffeye Analyze DI

In this video, we’re going to discuss how to use the ‘Search’ function to help you quickly locate files of interest within your case. Analyze DI allows users to search for not only text-based information, but also visual clues as well. Adding visual clues into your workflows can really improve efficiency and help you get … Continue reading

How To Extract Credential Data Using KeyScout

Hello, this is Keith Lockhart from Oxygen Training, and this video is going to discuss the KeyScout application. The KeyScout application is one of the tools available in the tool suite concept of the Forensic Detective product. KeyScout is a standalone application that can be run locally or on the go, we’ll look at use … Continue reading

How To Use Quin-C’s Simple Review Widget

Hello and welcome everybody to this video about Quin-C. Today we will be talking about a widget called Simple Review. Simple Review is a widget which has been designed for examiners whose everyday job is to run the index searches or keyword searches; perform tagging, bookmarking, viewing, labelling and exporting data. So if you are … Continue reading

How To Easily And Accurately Play CCTV And Other Proprietary Video With Amped Replay

by Blake Sawyer, Amped Software For Law Enforcement across the world, one of the biggest hindrances to actionable evidence comes from CCTV. There are sites devoted to providing codecs, of which there are hundreds, and IT departments that spend most of their time managing the many players from each DVR manufacturer. In my old casework, … Continue reading

How To Digital Forensic Boot Scan A Mac With APFS

by Rich Frawley  In this short 3-minute video, ADF’s digital forensic specialist Rich Frawley shows how to boot a MacBook Air (APFS, non-encrypted) with Digital Evidence Investigator. The ADF digital forensic team is hard at work putting the finishing touches on the complete package: Enabling FileVault support at boot Allowing the input of credentials, much like … Continue reading

How To Conduct A Live Forensic Scan Of A Windows Computer

Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator.  Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target … Continue reading

How To Use The Griffeye Intelligence Database

Beginning with version 19, Griffeye Analyze DI Pro and Core will start using the new Griffeye Intelligence Database, or GID, to replace the legacy intelligence manager. In this video, we’re going to discuss the changes that the GID brings to the Analyze DI interface, and how to use the Griffeye Intelligence Database system within your … Continue reading

How To Transfer A Password Recovery Process To A Different Computer Using Passware

Did you know that Passware Kit can create a snapshot of a password recovery process at any time and resume it on a different computer? Running a password recovery attack, especially for multiple files or drives, might be a long process that requires a lot of hardware resources. In some cases, it might be necessary … Continue reading

How To Decrypt BitLocker Volumes With Passware

Decrypting BitLocker volumes or images is challenging due to the various encryption options offered by BitLocker that require different information for decryption. This article explains BitLocker protectors and talks about the best ways to get the data decrypted, even for computers that are turned off. BitLocker Encryption Options Protectors that can be used to encrypt … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,313 other followers