The most popular Instant Messengers are Telegram, WhatsApp, Viber. These instant messengers have both mobile applications and desktop applications. Today we will look at the types of data an examiner can detect when researching desktop applications of Telegram, WhatsApp, Viber.

AXIOM is our one of the best tools. A few days ago Magnet Forensics has released AXIOM V2. Now AXIOM contains many features. We were especially delighted that the functional Volatility appeared in a new version of AXIOM. Volatility is the best tool for memory forensics. The combination of AXIOM and Volatility is clearly an excellent idea. And of course we immediately started testing this functionality.

Troy Schnack wrote a blog that will help avoid many misconceptions about dates / times (DTs) in reports from both sides. It took a long time to collect various artifacts and combine the data into a chronology.

AXIOM is a top forensic tool of Magnet Forensics. An article ‘Loading Cellebrite Images into Magnet AXIOM’  is shared  in the Magnet blog .