
Oxygen Forensic Detective 17.1: Overview of New Features

Date: 2024-12-27 14:27:29

Oxygen Forensic Detective 17.1 - Leading all-in-one digital forensic software

digital forensic software

For the latest version, see the original post: https://sysin.org/blog/oxygen-forensic-detective/. Original work; please retain attribution when reposting.

Author's homepage: sysin.org


Oxygen Forensic® Detective


An all-in-one digital forensic software designed to extract, decode, and analyze data. Extract data and artifacts from multiple devices with the capability for both mobile and computer forensic investigations.


All-in-one digital forensic solution

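Oxygen Forensic® Detective offers more features, tools, and capabilities than any other digital forensic product on the market. Obtain more information from the cloud through more than 100 supported services, and extract data from more than 40,000 app versions.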

  • Extract from more cloud services than any other digital forensic tool on the market. Access popular cloud services such as WhatsApp, Telegram, iCloud, Google, Samsung, Microsoft, Facebook, Instagram, and Twitter.

  • Mobile devices

    Extract data from more than 31,000 devices. Oxygen Forensic® Detective supports a wide range of Apple iOS and Android devices.

  • Drones

    Extract and analyze drone data from physical dumps, drone logs, and mobile apps.

  • IoT devices

    Extract and analyze data from the most popular IoT devices: Amazon, Alexa, and Google Home.

  • Computers

    Extract and analyze data from Windows, Linux, and macOS. Oxygen Forensic® KeyScout, included at no extra cost, finds passwords and tokens for web browsers and desktop applications.

  • Wearables

    Extract from the most popular health apps: Apple Health, Samsung Health, Huawei Health, Fitbit, and more.

What's new

Oxygen Forensic® Detective

Changes in version 17.1 (December 2024):

  • Oxygen Forensic Device Extractor. Added automatic detection of connected devices.
  • Oxygen Forensic Device Extractor. Added the ability to manually extract data via Android Agent.
  • Oxygen Forensic Device Extractor. Added the ability to extract Slack data via Android Agent.
  • Oxygen Forensic Device Extractor. Added the ability to extract Telegram scheduled messages via Android Agent.
  • Oxygen Forensic Device Extractor. Added the ability to record sound while making a screen recording of device data.
  • Oxygen Forensic Device Extractor. Extended the list of supported devices.
  • Oxygen Forensic Device Extractor. Updated the ability to extract Firefox data via Android Agent.
  • Oxygen Forensic Device Extractor. Updated the ability to extract Google Chrome data via Android Agent.
  • Oxygen Forensic Device Extractor. Updated the ability to extract Zoom contacts via Android Agent.
  • Oxygen Forensic Device Extractor. Updated the ability to extract Samsung Internet Browser data via Android Agent.
  • Oxygen Forensic Cloud Extractor. Now iCloud Agent is built into iOS Agent in special mode.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Samsung Cloud Data.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Samsung Cloud Backup.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Samsung Secure Folder Backup.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Telegram and extract Telegram data.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Zoom.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Box.
  • Oxygen Forensic Cloud Extractor. Updated the ability to authorize in Google services.
  • Oxygen Forensic KeyDiver. Added the ability to create custom attack templates.
  • Oxygen Forensic KeyDiver. When an encrypted Huawei HiSuite backup is imported into Oxygen Forensic® Detective, Oxygen Forensic KeyDiver is automatically opened for a passcode brute force.
  • Oxygen Forensic KeyDiver. Added the attack settings window.
  • Oxygen Forensic KeyDiver. Added the ability to brute force Windows OS system account passwords using NTLM hashes.
  • Oxygen Forensic KeyDiver. Added the option to pause all attacks using the same hash and hash type if the active attack has brute forced the password.
  • Oxygen Forensic KeyDiver. Added the ability to brute force passwords to decrypt containers and partitions protected with VeraCrypt.
  • Oxygen Forensic KeyDiver. Now attacks are automatically grouped when they use the same hash and hash type or when a group of hashes for password brute forcing is imported from Oxygen Forensic® Detective or Oxygen Forensic KeyScout.
  • Oxygen Forensic KeyScout. Added the ability to extract NTLM hashes from Windows.
  • Oxygen Forensic KeyScout. Added the ability to search by hash sets.
  • Oxygen Forensic KeyScout. Added the ability to extract passwords from Bitwarden from Windows, macOS and GNU/Linux.
  • Oxygen Forensic KeyScout. Added the ability to extract NordPass data from Windows, macOS and GNU/Linux.
  • Oxygen Forensic KeyScout. Added the ability to extract Brave Nightly data from Windows, macOS and GNU/Linux.
  • Oxygen Forensic KeyScout. Added the ability to extract FrostWire data from Windows, macOS and GNU/Linux.
  • Oxygen Forensic KeyScout. Added the ability to extract SSH keys from Windows.
  • Oxygen Forensic KeyScout. Added the ability to extract 7-Zip data from Windows.
  • Oxygen Forensic KeyScout. Added the ability to extract Flatpak data from GNU/Linux.
  • Oxygen Forensic KeyScout. Added support for the new Search Index data storage format for Windows 11.
  • Oxygen Forensic KeyScout. Updated the ability to extract Microsoft Outlook data from macOS.
  • Oxygen Forensic KeyScout. Updated the ability to extract Discord data from Windows, macOS and GNU/Linux.
  • Oxygen Forensic KeyScout. Updated the ability to extract Mozilla Thunderbird data from Windows, macOS and GNU/Linux.
  • Malware. Added the ability to selectively scan files for malware.
  • Malware. Updated the Avira SDK used for scanning files for malware.
  • Speech Recognition. Added an improved Large (turbo) speech recognition model and improved support for GPU.
  • General. Added the ability to save hash set binary files in the Hash Set Manager.
  • Import. Added the ability to import physical dumps of MTK-based devices with a simplified encryption algorithm (no TEE).
  • Import. Added the ability to decrypt physical dumps of Samsung Galaxy A32 A325F and Samsung Galaxy A32 SM-A325F devices.
  • Import. Added the ability to import and decrypt physical dumps of Oukitel WP10.
  • Import. Added the ability to import and parse Android virtual device images in VHD and VHDX formats.
  • Import. Added the ability to import and parse ArduPilot drone logs.
  • Import. Added the ability to import and parse drone flight missions in AWM format.
  • Import. Added the ability to import TikTok account data.
  • Import. Added parsing of Google Voice data from Google Takeout.
  • Import. Added free disk space check before import of .ofbx and .ofbr backups.
  • Import. Updated support for MTK-based Android devices having TEE Kinibi.
  • Maps. Added the ability to include map previews in the report.
  • Export. Added the ability to exclude files marked with a specific tag from the report.
  • Export. Added the ability to export video frames marked as Key evidence from the Files section.
  • Applications. Added data parsing from over 890 new app versions. The total number of supported versions exceeds 49100.
  • Applications. OS artifacts. Added parsing of Clipboard from Android devices.
  • Applications. Web Browsers. Added data parsing from Brave Browser (Nightly) (1.73.60) from Android devices.
  • Applications. Finance. Added data parsing from AirCash (5.31.0) from Apple iOS devices and from AirCash (5.31.0) from Android devices.
  • Applications. Cryptocurrency. Added data parsing from Exodus (24.39.7) from Apple iOS devices and from Exodus (24.41.7) from Android devices.
  • Applications. Web Browsers. Updated data parsing from web browsers based on the Blink engine from Apple iOS devices and from Android devices.
  • Applications. Messengers. Updated data parsing from Viber (23.6.1) from Apple iOS devices and from Viber (23.9.1.0) from Android devices.
  • Applications. Messengers. Updated data parsing from Threema (6.3.1) from Apple iOS devices.
  • Applications. Social Networks. Updated data parsing from Instagram (356.0.0.41.101) from Android devices.

Download

Ready to start learning and researching? Visit: https://sysin.org/blog/oxygen-forensic-detective/

From: https://blog.csdn.net/sysinside/article/details/144428275
