Knowledgebase : DS
We are constantly updating our YouTube Channel with How-To videos for our customers with Paraben's E3 Software. Check them out and subscribe! https://www.youtube.com/user/ParabenForensics
How to Turn ON and Collect Logs within E3
* Case
* Options
* Check
* Enable extended logs
* Enable logging for plug-ins
* Enable serial log during mobile acquisition (IF acquiring a mobile device)
* REPRODUCE THE ISSUE
* Archive folder...
E3 provides several engines for detecting malware or suspicious files. The first one can scan any added evidence. This is the malware scan from content analysis. However, it searches for malware in Windows PE files. For example, it will find unsigned files or m...
iOS Device Firmware | Logical Support | Physical Support
1.x | x | x
2.x | x | x
3.x | x | x
4.x | x | x
5.x | x | x
6.x | x | x
7.x | x | x
7.1 | x | x
7.1.1 | x | x
8.0.x | x | x
8.1.x | x | x
8.2.x | x | x
8.3 | x | x
8.4 ...
ANDROID DEVICE FIRMWARE | LOGICAL SUPPORT | PHYSICAL SUPPORT
Cupcake (1.5) | X | X
Donut (1.6) | X | X
Éclair (2.0-2.1) | X | X
Froyo (2.2-2.3) | X | X
Gingerbread (2.3-2.3.7) | X | X
Honeycomb (3.0-3.2.6) | X | -
Ice Cream Sandwich (4.0-...
There are two options to get access to cloud data:
* Using user credentials if we know them.
* Using an authentication data file. This file is generated for Android devices during logical acquisition and during import of encrypted iOS backup for...
TO PREPARE AN ADVANCED ANDROID LG DEVICE FOR ACQUISITION:
1. Put the device into Firmware Update mode.
2. Make sure that the required drivers are installed (the required drivers are included in the Electronic Evidence Examiner Driver Pack).
3. Open Device...
IMPORTANT: With the forensic process, it is important to note that, with embedded systems such as smart devices, some data must be written to the device in order to communicate with it. Depending on the type of device, the data that is written will chan...
There are advanced, keyword and sorted files searches. Advanced search is a common search engine with powerful customization. It lets the user customize many options to get the most accurate results. For example, the user can search for HEX or text, use ...
Paraben's Device Seizure will work on a machine that has iTunes installed. However, it does need to have the proper DLLs available to be able to function properly. This allows all of your forensic tools to be able to function and run on a single system. ...
We parse DJI GO drone data from iOS devices and Fitbit data from Android devices. We can acquire smart watches based on Samsung Tizen, Google Wear or Android. Also, we will support Alexa Cloud.
A forensic container is a specially designed secure database. Data in forensic containers is encrypted and locked by password. Only E3 and Evidence Reviewed can provide access to data in the database. DP2C and FF sticks collect data to forensic containers. A...
Smartphones are essentially PCs in a small body. This means that they have their own OS. Each OS has a version and build number. With each new version, vendors provide new functions, patches, API changes and so on. Therefore, we can get different errors on...
iOS has one of the most highly protected file systems. Most of an iOS device's file system is not available to users or through the Apple API. This is a big problem for forensics, as we also can’t get all data from a device. However, some users want to have full acc...
During logical acquisition we get the logical structure and its related data; in other words, we copy all available files from the file system to a case. Logical acquisition has some limitations related to device restrictions. Usually, we can’t get all files...
Rooting is the process of getting root permissions for an Android device. After that, we can get access to all file system data using Android SDK functions. Android must be loaded, USB debugging must be enabled, and the device must be unlocked. In case with bootloade...
Usually, we get data in its raw format as dumps or databases, so it is neither easy nor comfortable for users to work with such data. For example, they need to know where a system stores useful data. It is a big problem to find it within all system ...