Skip to main content
Skip table of contents

MOBILedit Cloud Forensic

With the rapid development and increased availability of mobile cloud computing, it is a logical step for us to provide enhanced capability for our customers to be able to investigate and extract data from clouds.

Cloud services are an easy way for app developers and software service providers to not only increase the amount of storage available for their end-users, yet also to provide cross-device and cross-platform integration for one account on many devices.

There are two options for how to use MOBILedit Cloud Forensic:

  1. With MOBILedit Forensic PRO

  2. Cloud Forensic standalone product

To be able to use this feature, it is necessary to have a computer connected to the internet.

Since the release of MOBILedit Forensic 9.4, the cloud package must be installed if you have a valid license for MOBILedit Cloud Forensic and wish to use it, either as an integration to MOBILedit Forensic PRO or PRO+ or, as a standalone software.
You can download or import the package in the "Check for updates" option.

 

There is usually cached cloud data available on an examined device, however, being able to extract data directly from the cloud service is much more beneficial.

Our cloud extractor gives investigators the ability to access and extract data from some of the most popular cloud services, with the following clouds currently supported:

Name

Platform

Support of 2FA

What data can be extracted

Box

Android (rooted) / iOS / Credentials

Yes

Image files, audio files, video files, documents, files

Booking.com

Android (rooted) / iOS / Credentials

No

Messages, locations

Dropbox

Android (rooted) / Credentials

Yes

Image files, audio files, video files, documents, files

Facebook

Android (rooted) / iOS / Credentials

Yes

 Contacts, messages

Facebook Messenger

Android (rooted) / iOS / Credentials

Yes

Contacts, messages 

Google Cloud (Drive, Contacts, Calendar, Keep, Timeline)

Android (rooted) / Credentials

Yes

Contacts, organizer, files, image files, documents, audio files, video files

LinkedIn

Android (rooted) / Credentials

No

Accounts, contacts, messages

Instagram

Android (rooted) / iOS / Credentials

 Yes

Contacts, messages

Microsoft Onedrive

Android (rooted) / iOS / Credentials

Yes

Image files, audio files, video files, documents, files

Microsoft OneNote

Android (rooted) / iOS / Credentials

Yes

Accounts, notes, documents, images and video

Microsoft Teams

Android (rooted) / iOS / Credentials

Yes

Files, images, documents, audio, video

Slack

Credentials

Yes

Account, contacts, messages,

Skype

Android (rooted) / Credentials

No

Contacts, messages, call logs

X (Twitter)

Android (rooted) / Credentials

Yes

Accounts, contacts, messages, notifications

FTP

 Credentials

 No

 Files, images, documents, audio, video

IMAP

Credentials

No

Messages

POP3

Credentials

No

Messages

 

 

MOBILedit Cloud Forensic currently supports cloud data acquisition where the user has directly signed up and created an account with one of the supported services. For example, the user has signed up for an account directly with Instagram using an email and password.

If the user of the cloud account has signed up for one of the supported cloud services using a third-party platform, such as using a Facebook account to sign up for Instagram, we would be able to access the Facebook data yet, not the Instagram data.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.