MD-RED

Mobile forensic software for recovery, decoding, decryption, visualization and reporting evidence data from a mobile and digital device

MD-RED is a forensic software for recovery, decryption, visualization, analytic data mining, and reporting of evidence data extracted via MD-NEXT or other tools. All the results of the analysis can be exported as the forensic reports for the investigation of crimes and accidents. Also, the analysis module of the latest mobile apps is quickly updated by continuous research.

Key Features

Supports a variety of mobile phone manufacturers and mobile OS

  • Supports feature phones, smart phones and a variety of digital devices
  • Supports iOS, Android, Windows, Tizen and other mobile OS

Analysis and recovery of various filesystem

  • FAT12/16/32, exFAT, NTFS, ext3/4, HFS+, EFS, YAFFS, FSR, XSR, F2FS, VDFS, XFS, DVR filesystem (e.g., Dahua and Hikvision), black box file system(TAT)
  • Analysis of deleted data for unallocated area

Analysis of mobile data and over 2,000 apps including the latest mobile app

  • Multimedia files taken by phone camera
  • Call log, Address book, SMS/MMS, email, Memo, Internet history
  • Social media, Map, Navigation, Health, Banking, and Lifestyle app
  • Anti-forensic app

Maximized analysis performance

  • Parallel analysis via multi-core process

The decryption of encrypted data

  • Decryption of encrypted chatting message, email, file and app data

Deep analysis of major messenger apps

  • Data Decoding and Recovery
  • WhatsApp –Decryption of Multiple backup files
  • WeChat – Multiple account analysis, Rainbow table
  • Skype, Facebook messenger, Telegram, Wickr
  • QQ, Kakaotalk, Line, Zalo, Viber, Snapchat and many other messengers

Decodes locked screen and password information

  • Decodes Unlock Pattern, PIN, and Password
  • Data analysis via GPU
  • iPhone keychain analysis

Multimedia data recovery and analysis

  • Recovery for frame of deleted/damaged video file
  • Exclusion of pre-registered images (900,000+) using RDS (Reference Data Set)
  • Provides audio file converter (From AMR/AUD/QCP/SILK to MP3/AMR/WAV)
  • Supports playback of QCP file and Silk codec audio

New digital device analysis

  • Drone data analysis – Flight history, Multimedia data, Supports Manufacturer DJI/Parrot/PixHawk
  • IoT data analysis – AI Speakers, Smart TV, Car Navigation

Log analysis

  • Medial log, Search word log
  • System log, Network log (Bluetooth, WiFi, Cell Tower)

Social relationship analysis

  • Supports analysis for multiple phones
  • Call log, messenger, email data analysis
  • Contacts merge and split
  • Filtering by the app, period, contacts, types of communication
  • Community analysis by diverse technique>

Embedded data viewers

  • SQLite database viewer
  • HEX viewer
  • PList viewer
  • Documents viewer (Text, XML, PDF, MS office, ZIP file, Executable file, Encrypted file)
  • Photo Gallery
  • Video player
  • Audio player

Visualization of analyzed data

  • GPS data and cell tower location
  • Offline/Online map (region/country/city – 3 level)
  • Time-line viewer
  • Link viewer for social relationship visualization
  • Chatting viewer for communication visualization
  • Web browser for internet history review

Advanced data filtering option

  • Various filter including file system, signature, time
  • Arraying, grouping
  • Regular expression search
  • Keyword registration
  • Bookmarking of analysis result
  • Analysis result removal tool

Python scripting IDE for user-defined analysis

  • Python script editor for advanced user
  • Code generation, Code execution and debugging

Case management and hash value verification

  • Case management
  • Grouping extracted images
  • Hash value verification on each extraction image
  • MD-NEXT Acquisition tools interworking

Reporting features

  • Hash calculation for a selected file
  • Extracts analyzed multi-media
  • Supports diverse report formats of PDF, Excel, HTML, XML and SQLite DB
  • Supports 3rd party report format like NUIX and Relativity
MD-RED: Creating a report
MD-RED: Creating a report
MD-RED: Information location
MD-RED: Information location
MD-RED: Information extraction
MD-RED: Information extraction