NetAnalysis® v2.12 and HstEx® v4.12 Released

Introduction

This release of NetAnalysis® adds support for another two browsers, namely AVG Secure Browser and Min Browser. We have also added support for thirty-eight new versions of other browsers.

 

Digital Detective's NetAnalysis® v2.12 Forensic Web Browser Analysis

NetAnalysis® v2.12

 

New Features

We have added support for the following browsers:

AVG Secure Browser

AVG Secure Browser is a web browser with built-in security and privacy features designed by AVG Technologies, a subsidiary of Avast. It claims to be a fast, secure browser with built-in adblock, anti-phishing, safer online banking, password manager and a host of other security focused features.

AVG Browser Logo

Min Browser

Min Browser is an open-source web browser which has been designed with a minimalist outlook. The tabs in Min take up less space as they are combined with the search bar into one row. Another interesting feature is the ability to organise tabs into Tasks, this is similar to the Tab Groups feature in Firefox. It also has a Focus Mode which hides the other tabs with an aim to prevent distractions.

Min Browser Logo

Apple Safari

We have added support for remote user notification permissions and enhanced the support for recently closed tabs.

Microsoft Edge Collections

We have added support for the new Microsoft Edge Collections feature.

Collections offers a way to save and group information found on the Internet. Microsoft suggests that Edge users may use Collections to “collect and compare” shopping items, to gather holiday ideas and plan trips, or to group selected sites by theme, for example, news sites.

Yandex Login Data

Yandex browser has recently changed the way it stores a user’s login credentials. NetAnalysis® now has support to import and interpret data from this new file.

Chromium Based Quota Manager

There are a number of web technologies that store data of one kind or another on the client-side (i.e., on the local disk). The process by which the browser works out how much space to allocate to web data storage and what to delete when that limit is reached is not simple, and differs between browsers. In Chromium-based browsers, this is achieved by the Quota Management API which controls storage limits and the eviction of client-side web data.

NetAnalysis® now has support for importing data from the Quota Manager.

Improvements

We have made the following improvements in this release of NetAnalysis®:

Internal Viewer

Our internal viewer has been updated to deal with the latest in browser technology. In addition, we have added support for data URLs, so they may be displayed in the viewer; depending on the format of the data, you can right-click on the page and save the data in its native format.

 

Digital Detective NetAnalysis displaying a data URL

NetAnalysis® Displaying a Data URL

We have also added support for viewing MHTML documents.

Reporting

All our report templates have been updated for improved performance in relation to speed and memory usage. In addition, we have added support for caching reports to disk as they are rendered, which allows for very large numbers of report pages to be created without running into memory issues.

The following screen shows a generated report containing 297,452 pages:

Digital Detective NetAnalysis showing 297 thousand pages in a Generated Report

NetAnalysis® Report with 297,000+ Pages

 

User Interface Enhancements

When the grid contains many rows of data, it is sometimes difficult to know which row is focused or which rows are selected. To help locate these rows quickly, we have added scrollbar annotations. These are coloured marks on the vertical scrollbar which reflect the location of corresponding rows in the grid.

We have also added support for hot-track (mouse hover) row highlighting; this allows the user to visually see the mouse cursor’s hover position within the grid.

Improved Support for Processing Mounted File Systems

Hard Disk Drive

We have reviewed a number of different file mounting applications to see if we can improve the way we handle read-only file systems. This has resulted in a number of improvements. We have enhanced our support for files and folders containing reparse points as well as improving the way we deal with file system artefacts which require elevated permissions.

Additional Content Available for Search Indexing

During import, cache exporting and page rebuilding, we identify relevant content for adding to our search index. In this release, we have added:

  • Chromium-based autofill name and value fields.
  • Plain-text login credentials from Mozilla-based and Chromium-based browsers.
  • Text content from Microsoft Edge (Chromium-based) Collections

This text information, is written out to the export folder, where it is included in the Search Index when it is created by the user.

The following image shows the index being searched. Create and search the Indexed data by accessing the Index menu in NetAnalysis®.

 

Digital Detective's NetAnalysis® Indexed Search

Searching the NetAnalysis® Search Index

HstEx® Release Notes

Digital Detective's HstEx® Searching and Recovering Evidence

HstEx® v4.12

This release of HstEx® adds support for another two browsers, namely AVG Secure Browser and Min Browser. We have also added support for thirty-eight new versions of other browsers, as well as enhancing our support for Apple Safari.

AVG Secure Browser

We have added support to HstEx® for the recovery of the following AVG Secure Browser artefacts:

AVG Secure Browser artefacts supported in Digital Detective's HstEx®

Min Browser

We have also added support for the recovery of the following Min Browser artefacts:

Min Browser artefacts supported in Digital Detective's HstEx®

Apple Safari

We have added seven new data types to our Apple Safari recovery profile. This version of HstEx® allows the recovery of Recently Closed Tab files, Last Session files, Bookmarks files, Reading List files, Search Descriptions files, User Notification Permissions files and Remote Notifications Permissions files.

We have improved the recovery of Safari download records contained within XML Plist files where there are embedded dictionary elements.

We have also improved our binary Plist recovery, which has been outlined in our Improvements section below.

New Apple Safari artefacts added to Digital Detective's HstEx®

Yandex Login Data

Yandex browser has recently changed the way it stores a user’s login credentials. HstEx® now has support to recover data in this new format.

Improvements

We have made some significant improvements in the recovery of Apple binary Plist data for this release of HstEx®:

Binary Plist Recovery

Apple’s Property List (Plist) files are serialized objects which come in two flavours, binary and XML. With this release of HstEx®, we have re-engineered our data recovery engine for the recovery of binary Plist data. This new version now includes our Intelli-Carve® technology; this powerful technology allows for more accurate recovery of data from unstructured data sources; it also has the capability of detecting errors and corruption.

Change Log

The full change log for NetAnalysis® and HstEx® can be found in the following pages:

The post NetAnalysis® v2.12 and HstEx® v4.12 Released appeared first on Digital Detective.

Article Link: https://www.digital-detective.net/netanalysis-v2-12-and-hstex-v4-12-released/