Looking for mobile forensic hardware/software which has the capability to break passcode locked android devices running on Android 7.0 and perform physical acquisition.
Please suggest which of them will be worth purchasing .
Cellebrite - top of class
I agree. Cellebrite is at the moment the undisputed champion at our office.
Android 7.0 and perform physical acquisition.
Usually, Devices with android 7.0 are encrypted. So it is impossible analyze physical dumps of the devices.
Most of unlocked devices with Android 7x (with latest security patches) and 8x would have to be rooted to perform physical acquisition, regardless which software you are using.
Before purchasing you should think what are you getting for the price. Compare their capabilities, request a trial version.
If you have the budget, buy all three, and Mobiledit too.
If you have to choose one, Cellebrite UFED is the best for now.
+1 for this. If I had nothing else in my arsenal for phones, I would choose Cellebrite. I am fortunate to have access to nearly every other platform for comparative extractions though.
Can anyone confirm that cellibrite is able to perform logical and physical acquisitions for android 7.0 devices or higher? Also, if it can bypass passcode locks or has another methodology to acquire locked android 7.0 devices.
Resurrecting this post.
Calling out to you guys who answered that Cellebrite is better than the other solutions. What makes it better than the other solutions?
I'm a big fan of Cellebrite products. However, my judgement may be biased as UFED is the only solution I have access to in my current job's lab . I haven't played around with XRY in like 4 years and briefly used Oxygen only during SANS training.
Any insights from people who used multiple solutions would be appreciated.
Thx
Cellebrite is easier to work with, seems to support more devices, and has better reporting capabilities. If I had to choose a single mobile forensic tool it would always be Cellebrite. That said, the other tools often get the job done, I have just found that Cellebrite does so more reliably.
I'd also suggest getting two at least. Best to 'attack' or 'approach' a device with two or more tools to get the best result. I'd say Cellebrite is indeed the best at the moment.