We are excited to introduce a completely redesigned, reengineered and powerfully enhanced version of Oxygen Forensic® Detective! It is available to all current and licensed users directly from their customer area. Let’s highlight its key and differentiating features:

Extremely fast data parsing Oxygen Forensic® Detective 12.0 delivers data parsing and decoding at speeds 3 times faster to support massive data sets from multiple data sources.

New multi-tab interface Now, working with several sections or extractions is painless and allows for effortless data comparing. Opened tabs are saved between program sessions.

Files section for a case Now you can view the Files sections of several extractions together to deeply analyze acquired files, filter duplicates, search by hash sets, etc.

Facial recognition You can use our Facial Recognition and clustering component in the Faces section within Oxygen Forensic® Detective 12.0.

New artifacts parsing In our new OS Artifacts section, you can find device logs as well as Screen Time information from Apple iOS devices.

Detailed analytics for every app Our parsed and extracted app data has got a powerful view. Now, for every app you have built-in analytics, Chats view, Timeline, and Social Graph.

New Device Statistics section We now show detailed statistics about the extraction up front: Top 10 applications, Top 10 groups, Top 10 contacts, Last contacted, Key Evidence and Tags.

Convenient tags manager Our filtering is second to none. We added a number of predefined tags, to include: Nudity, Weapon, Guns, Important, Not Relevant, and more. You can also set your own tags and even export data by selected tags.

DETECTIVE 12.0®

OCTOBER 2019

OXYGEN FORENSIC 75 cloud services

31,500+ devices

12,000+ app versions

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com

Welcome Oxygen Forensic® Detective 12.0

Email and Messenger data from PC

We have brought our built-in KeyScout to a new level by adding the ability to acquire data from a wide range of email clients and messengers from Windows based PCs. The current version now supports extraction of user data from Skype, Viber, Unigram, Wickr Me messengers as well as retrieval of credentials, emails, calendars and other available information from MS Outlook, Thunderbird, and Windows Mail clients.

As for our support of the various desktop Messengers, the evidence set includes contacts, chats and shared information. Wickr Me data from the PC is encrypted, but we offer several methods of decryption. Since secure Wickr Me Messenger is hard to collect from mobile devices, the extraction from a PC is a great alternative. Unigram is the Windows version of the popular Telegram messenger. Oxygen Forensic® Detective can extract all Unigram data including secret chats that are also available only from mobile devices and not from the cloud.

Besides the above-mentioned features, the latest KeyScout can also find credentials for JIO and LinkedIn accounts that can be immediately used for cloud extraction.

Still all-in-one software Oxygen Forensic® Detective 12.0 still offers all the capabilities out of the box – extract data from mobile and IoT devices, cloud services, drones, PC and analyze it in the same interface. The only turn-key solution in the market.

The all new Viewer is available The portable Oxygen Forensic® Viewer is compatible with the brand-new Oxygen Forensic® Detective 12.0 files and is available for download from your customer area.

Computer forensics

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com

TikTok app data extraction

TikTok is rapidly gaining popularity. However, the concerns regarding the app and its content are growing as rapidly as its popularity. Understanding this we have added complete data extraction from TikTok from Apple iOS (both non-jailbroken and jailbroken) and Android physical dumps.

From Apple iOS devices we extract detailed account information, user name and surname, the profile picture and the description of main account and additional ones that had previously logged in from a device. From Apple iOS devices we also receive the contact list, which includes followers, follows and unfollowed, deleted contacts. Chats information is extracted from Apple iOS devices as well, including deleted messages.

From Android devices all previously described categories are supported along with user downloads, activity history, audio files and hashtags both used and searched.

Mobile forensics

QR code extraction for Viber Messenger

The QR code method, exclusively available in Oxygen Forensic® Detective, has already proved to be efficient on already supported WhatsApp and Line Messengers in cases when data extraction is required in the shortest time possible. To quickly acquire the account information, contacts and incoming messages from Viber simply scan a QR code from an unlocked mobile device and have the extracted evidence in Oxygen Forensic® Detective in a matter of minutes. Our KeyScout can also be used to find the QR token on Windows based PCs if Viber for Desktop has been used. This token will allow immediate Viber data extraction in Oxygen Forensic® Cloud Extractor.

Cloud forensics

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com

Complete JIO support

Oxygen Forensic® Detective 12.0 introduces the industry-first support for Jio phones, a line of feature phones marketed by Jio company headquartered in India. Our support covers all three sources of data:

• Mobile device. You can bypass screen lock and do physical extraction from Jio Phone 1 and Jio Phone 2 that are based on Qualcomm chipsets. These phones use KaiOS so we have also introduced support for this operating system in our software. • Jio cloud service. You can extract account information, devices, contacts, messages, files and other valuable data from the cloud via Jio, Google or Facebook login/password or token. • Windows PC. Our KeyScout can extract the account information, token and files from Jio Cloud from Windows-based PCs.

Mobile forensics, cloud forensics, computer forensics

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com

KaiOS support

In Oxygen Forensic® Detective 12.0 we have added exclusive support for KaiOS, a mobile operating system based on Linux. Extracted evidence set includes contacts, messages, calls, web connections history and WhatsApp Messenger data.

Mobile forensics

Device statistic section

Oxygen Forensic® Detective 12.0 offers you absolutely new device statistics section that shows the detailed statistics about extraction: Top 10 applications with the greatest number of communications, Top 10 groups, Top 10 contacts, Last contacted, Key Evidence with tags and notes. A great place to get a head start on the mobile forensic investigation.

Data analysis

Drone data visualisation

We have added extraction of additional information from DJI RAW flight log files: drone battery level, temperature, voltage, current, etc This information can be visualized on Oxygen Forensic® Maps together with a flight path.

Drone forensics

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com

New OS and device support

Oxygen Forensic® Detective 12.0 brings support for Apple iOS 13, Android 10, Apple iPhone 11, Apple iPhone 11 Pro, Apple iPhone 11 Pro Max and over 1,500 Android devices that include Xiaomi Mi 2A, Xiaomi Mi 9 Lite, Samsung Galaxy Fold, Samsung Galaxy Fold 5G, Samsung Galaxy Note 10, Samsung Galaxy Note 10 5G, etc. The total number of supported devices exceeds 31,500!

Mobile forensics

App support

New apps

We have added data parsing from a couple of new apps as well as updated over 600 app versions from Apple iOS and Android devices. The total number of supported app versions exceeds 12,000!

Mobile forensics

3.1.1Discord

3.12JioCloud

3.4.3Likee

13.0.0TikTok

9.0.9Discord

17.12.9JioCloud

3.4.3Likee

12.7.3TikTok

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com

Updated apps

Evernote (8.23)

Google Keep (2.2019.34)

FaceApp (3.4.12)

Fitbit (3.5)

Firefox (18.2)

imo video calls and chat (2019.8.4)

Line (9.13)

LinkedIn (9.146)

OK (8.16)

SHAREit (3.1.38)

TamTam (2.6.4)

Threema (4.3.2)

Viber (11.3)

VSCO (129.0)

WhatsApp Messenger (2.19.91)

Waze (4.54.1)

WhatsApp Business (2.19.91)

Zangi Private Messenger (4.6.1)

Yandex Disk (2.81)

Yandex.Mail (3.89.0)

Evernote (8.12)

Flipboard (4.2.22)

FaceApp (3.4.14)

Facebook Messenger Lite (64.0.1.16.235)

Google Chrome (77.0.3865.73)

Google Photos (4.24.0.268085645)

Google Keep (5.19.331.03.40)

Google Translate (6.1.1)

Instagram (110.0.0.16.119)

ICQ (4.4.076)

Line (9.14.1)

LinkedIn (4.1.347)

Microsoft Outlook (3.0.107)

OneDrive (10.82.19)

Opera Mini Browser (44.1.2254.142553)

Plus Messenger (5.9.0.1)

Romeo (3.6.5)

SHAREit (5.0.59_ww)

Twitter (8.12.0-release.00) from

Threema (4.11)

Telegram (5.11.0)

VSCO (125)

Viber (11.3.1.1)

Waze (4.54.1.1)

WhatsApp Business (2.19.90)

YouTube (14.35.54)

Yahoo! Mail (5.43.4)

Apple iOS Android OS

Oxygen Forensics www.oxygen-forensic.com support@oxygen-forensic.com