MD-LIVE
MD-LIVE - Image 2
MD-LIVE - Image 3

MD-LIVE

Mobile forensic software for on-the-spot investigation which performs live extraction and analysis on a mobile device

  • MD-LIVE is a mobile live forensic product with a smooth user experience which can support logical extraction and quick data analysis.
  • It also supports the selective acquisition from evidence without privacy infringement, screen capture & recording of mirrored smartphone display, and recording of forensic process by an external camera via an internal recording feature.

View PDF

Category:

Description

FEATURES :
SELECTIVE EXTRACTION AND ANALYSIS OF EVIDENCE DATA

  • Prioritizes on-site proceeding and acquiring, so image and case files can be analyzed afterwards
  • Only data related to the case can be selected and analyzed
  • Selective acquisition of data for the protection of personal information
  • Scans important applications based on time and frequency of use

ANALYSIS DATA VIEW JUST LIKE LOOKING AT A REAL SMARTPHONE SCREEN

  • Quick evidence data identification by providing data view themes similar to that of a smartphone app

INTEGRATED DATA VIEWERS

  • Includes the viewers to display files such as photo, video, audio, document, map and website browsing history

MIRRORING AND REMOTE CONTROL OF SMARTPHONE DISPLAY

  • Smartphone screen mirroring and remote control can be used when smartphone display is broken or the prevention of unwanted operation on the phone
  • The mirrored screen can be captured and recorded as evidence

SCREEN RECORDING

  • PC screen recording of MD-LIVE to reproduce and verify its forensic process

EASY AND CONCISE PROCESS

  • Intuitive user interface
  • Auto-detection of smartphone model
  • Automated analysis after data acquisition

REPORTING FEATURES

  • Exports reports into PDF and Excel formats
  • Supports ‘Witness Document’ generation
  • Supports a various HASH algorithms MD5, SHA1/224/256/384/512, RIPEMD128/160/256/320

EXTERNAL STANDING CAMERA (OPTION)

  • For taking a photo of the evidence and its display or recording the investigation procedure
  • Hardware-based auto-focusing
  • Anti-reflection pad

SPECIFICATION

EXTRACTION

  • Automatic recognition of smartphone model
  • Detail information view for installed apps
  • Various filtering option for installed apps
  • Extraction guides and notifications per OS type
  • Display of extraction progress by app
  • Multi-space notification
  • Selective extraction by apps or by time period
  • Selective mode of Scan, Extraction, Analysis flexible to on–site use cases
  • Notification of the battery level at the device before extraction

ANALYSIS

  • App analysis
    • Over 2,000 Android and iPhone smartphone apps
    • Messenger data decryption – Facebook Messenger, WeChat, Signal, Wickr, Discord etc.
    • Multi–account app analysis – WeChat, Telegram, Instagram, Facebook Messenger etc.
  • Various DB format analysis: SQLite, Realm, Bolt, ESE etc.
  • Various filesystem analysis
  • Signature–based multimedia analysis

ANALYSIS RESULT VIEW

  • Customized filters by analysis result types
  • Ability to view selected items or search results
  • Messenger view
  • GPS geolocation visualization support with the online and offline maps
  • Keyword list search by import of external file or manual input
  • Supports Watch List and the user-defined filter of Apps in Watch List
  • Hash Sets search by import of external file, manual input, Project VIC(UK, US, CA), Photo DNA
  • Internal viewers for documents, database, Hex, text, image, audio and video
  • Browser for Internet browsing history view

RECORDING INVESTIGATION

  • Photographing, video/audio recording of evidence and investigation process by MD-CAMERA (External HD Camera) or HDMI capture board supplied as option items
  • Mirrored and remote-controlled smartphone screen can be captured and recorded
  • PC screen recording of MD–LIVE to reproduce or to verify its forensic process
  • Log analysis to track the recent history of smartphone app usage and system history
  • Monitoring active phone process for malware or specific active app investigation

REPORTING

  • Report types
    • Analysis results summary – summarized result
    • Analysis results report – detail result
    • Electrically stored information – extracted files list
  • Report options
    • Anonymous reporting to protect the witness or the victim by hiding owner information
    • Large image reporting to display one image on each page not to scales down
    • Archive report file as MDF/ZIP/TAR/DD
    • Report file format – PDF, Excel
    • HASH algorithms options – MD5, SHA1/224/256/384/512, RIPEMD128/160/256/320

Related products