S.O.S. (Our Software Options Series) #1 - Oxygen Forensics
Updated: Jan 25
I decided to entitle this series - S.O.S. Traditionally, everyone recognizes this as a call for help. For the purposes of this blog series, it has dual meaning. While we are choosing to have it stand for "Software Options Series" to showcase the various software systems Key Forensics has opted to invest in, it also truly does symbolize "help". Even the first system we are going to explore and share with you, Oxygen Forensics, has a tagline that reads, "Helping good people make this world safer." As mentioned on our "Mission & Values" page, we exist to help restore justice and protect humanity. The systems we use are imperative to helping us help our clients in doing just that.
While there are countless software platforms to choose from, Key Forensics wanted only the best with which to serve our clients. According to a recent January 2021 article by The Infosec Institute entitled, Popular Computer Forensics Top 19 Tools , Oxygen Forensics was listed first under the category, Mobile Device Forensics. Oxygen Forensic Detective focuses on mobile devices, but is capable of extracting data from a number of different platforms, including mobile, IoT, cloud services, drones, media cards, backups and desktop platforms. It uses physical methods to bypass device security (such as screen lock) and collects authentication data for a number of different mobile applications. Their newest version (13.2) was released in December 2020, and Key Forensics has it! With an enhanced Facial and Image Categorization engine, increased support for Samsung backups, and an improved OxyAgent utility, there is nothing out there better suited to meet the needs of digital forensic examiners.
To add even more functional support, Oxygen made two key improvements to their OxyAgent utility. First, they gave investigators the ability to extract all apk files. This data is great for gaining quick insights into what apps were installed on an Android device while also identifying possible malware. Second, investigators can now extract essential information regarding the device’s file system, such as file name, creation and modification date, size, and path. For devices with root rights, OxyAgent will extract information about the file’s access, making it even easier for investigators to locate suspicious files by hash sets.
Oxygen Forensics has been around for 20 years (see their profile & history here), and in a time when many organizations have seen decelerated progress or have even experienced diminishing returns, Oxygen Forensics has proven themselves a leader in the digital forensics community and shows no signs of slowing. Key Forensics is proud to partner with Oxygen Forensics to help ensure our clients (and our clients' clients) are leaving no stone unturned when it comes to their case.