Data Extraction
-Mobile: Oxygen Forensic® Detective offers data extraction from Apple iOS, Android devices, feature phones,media, and SIM cards. Because time is always ofimportance, simultaneous acquisition of several devices is available. Oxygen Forensic® Detective imports numerous backups and images, including iTunes, Android backups, GrayKey, JTAG, Chip-off, UFED, XRY images, .dar archives, Warrant Returns and more.
-Computer:
Oxygen Forensic® KeyScout utility focuses on extracting and decrypting credentials, system files, and user data from web browsers and desktop apps on computers running Windows, macOs or Linux. Currently there are numerous desktop apps supported, including WhatsApp, Viber, WickrMe, Telegram, Skype, Signal, Microsoft Mail, Microsoft Outlook, Thunderbird, all the popular Web browsers, pre installed Apple apps, etc. Collected tokens and passwords can be immediately used for cloud data extraction while extracted web browser, messenger and email data can be imported into Oxygen Forensic® Detective software for further analysis and analytics with mobile data artifacts in one case.
– Cloud Service: The built-in Oxygen Forensic® Cloud Extractor allows investigators to gain access to a tremendous amount of cloud services that include iCloud, Google, Microsoft, Samsung, Huawei, E-mail server, Facebook, Twitter, Instagram, Dropbox, WhatsApp, Telegram, Viber, WickrMe, etc. Our Cloud Extractor also offers the exclusive ability to decrypt WhatsApp backups via phone number.
– Drones: Oxygen Forensic® Detective enables the verbose data parsing and analysis from drone collections, flight logs, mobile apps and cloud services. Oxygen Forensic® Detective can create or import drone physical dumps and parse GPS locations showing valuable route data as well as device telemetry to include: speed, direction, altitude, temperature, and more. Currently, various models of DJI and Parrot drones are supported. Data parsing from drone applications is also available from iOS and Android devices. Investigators can decode drone images and videos, locations with time stamps and other data. Additionally, drone data extraction from cloud services can be accomplished via login/password or token from DJI, SkyPixel or My Parrot clouds.
-IOT devices: Oxygen Forensic® Detective currently offers data extraction from two popular IoT devices – Amazon Alexa and Google Home. Since it is difficult to extract data directly from devices, we provide investigators with the ability to access alternative sources – cloud and mobile apps. Investigators can gain access to cloud information via login/password or token that can often be extracted from the user’s PC or mobile devices. Oxygen Forensic® Cloud Extractor acquires a complete evidence set including voice recordings that can be played directly our software interface. Oxygen Forensic® Detective also extracts IoT app data from Apple iOS and Android devices
-WEARABLES
Oxygen Forensic® Detective performs logical acquisition of smartwatches based on MTK chipset allowing forensic experts to extract device model, contacts, calls, messages, multimedia files, and other data. Moreover, the software acquires complete data from various fitness apps, like Apple Health (including data synched with Apple Watch), Samsung Health, Google Fit, FitBit, Endomondo, and more. This valuable data can be extracted both from mobile devices and cloud services and often contains a tremendous amount of geo locations with time stamps, health data, steps and stair count with additional user statistics.
Data Analysis
-OPTICAL CHARACTER RECOGNITION
-STATISTICS
-SOCIAL LINKS
-TIMELINE
-MAPS
-DATA SEARCH
-IMAGE CATEGORIZATION
-FACIAL RECOGNITION
-KEY EVIDENCE AND TAGGING

DATA REPORTS
Oxygen Forensic® Detective enables data export from any section to many popular file formats including PDF, RTF, XLS, XML, HTML, etc. A report can be created to include a single device, several devices, several sections or even selected records. Reports are highly customizable to display only the data required, for any type of case. Our XML reports can be integrated into other analytic software platforms. Oxygen Forensic® Detective can also export data in to the Relativity software format.

Data Viewers
-PLIST VIEWER: The built-in Oxygen Forensic® Plist Viewer offers advanced analyzing of Plist files: investigators can open plain XML and binary XML files, view entries according to their type (string, data, numbers etc.), convert values, open external files for analysis, export .plist file data in XML format for further analysis by external tools.
-SQLITE VIEWER: The built-in Oxygen Forensic® SQLite Viewer is a powerful 64-bit tool for examining SQLite files. With this tool, investigators can open any SQLite database, recover deleted records, convert values to a readable format, build visual and non-visual SQL queries and save them for further use, run search and finally export selected entries to customization data reports.