The Forensic 4:cast Awards, coordinated by Lee Whitfield, has been a great way to recognize those in the DFIR community who go above and beyond to contribute their amazing work in the field by sharing their knowledge, research, and tools. Over the years, some amazing contributors to DFIR have been recognized in the Forensic 4:cast … Continued
For anyone who gets returns from warrants return content from Internet Service Providers (ISPs), searching and analyzing that content can be problematic. The returns are not in a standard format and there are a vast number of artifacts. The formats can change and typically come in .zip files that can include .html, .txt, .json, .csv, … Continued
We wanted to show you some of the content that can be parsed, displayed, and searched in Magnet AXIOM from Warrant Returns. Let’s discuss Apple. Before loading an Apple warrant return, please ensure you use the Free Magnet Apple Warrant Return Assistant found on the Download Our Free Tools page, or using the instructions provided … Continued
AXIOM supports Facebook Warrant Returns that are in a .zip package as part of our Warrant Return support. Unlike Apple returns, Facebook and other providers don’t require you to decrypt the package before loading. Facebook specific content can include the Facebook Audit Log, Friend requests, Friends, Messenger Messages, Photos, Status Updates, and Wallposts. The Facebook Audit … Continued
Did you know AXIOM has built in support for Google Warrant Returns as part of our Cloud Warrant Returns feature. If you have received a return from Google in a .zip format, you can load it into AXIOM and process that evidence alongside other evidence in your case. Google Warrant Returns can be highly valuable … Continued
AXIOM Cloud supports warrant returns from a variety of providers including Instagram. Instagram warrant returns can contain a wealth of data and are available in two formats; namely .pdf and .zip. AXIOM can process warrant returns from Instagram in the .zip format. According to Instagram, the content of the records in both the PDF file … Continued
Snapchat Warrant Returns are one of the supported platforms for analysis in AXIOM. With the Cloud feature, you can load the .zip file you receive from Snapchat into AXIOM and be able to parse a wide array of content alongside your other evidence in the case. This will allow you to timeline Snapchat artifacts alongside … Continued
We’re proud to announce the availability of Magnet OUTRIDER —a new way to help you quickly find CSAM to prioritize or flag devices for additional examination. In addition to previewing material, OUTRIDER can help you by empowering Investigators on your team by quickly identifying apps on a suspect’s device and giving your team real-time intel … Continued
Magnet AXIOM 3.11 is now available to download within AXIOM or over at the Customer Portal. AXIOM 3.11 brings you new Device Identifiers — with device information like IP addresses and camera serial numbers — as well as support for .dar files from Cellebrite Advanced services and a number of new and updated artifacts, like … Continued
Beginning in Magnet AXIOM 3.11, the dar file format (or Disk ARchive) is now supported for image processing. In Cellebrite-generated .dar files, Accessed, Modified, and Changed are stored inside the .dar file. However, the Created timestamp is stored in external .plists, typically found alongside your extraction in the “MetaData” folder. For a further explanation of … Continued
