NetAnalysis® Version 3.8

Release Notes for NetAnalysis® Version 3.8

We are thrilled to announce the release of NetAnalysis® v3.8, packed with exciting updates and enhancements to bolster your digital investigation capabilities. This version brings comprehensive support for the latest browsing technologies, ensuring you stay ahead in uncovering crucial digital evidence. Here are the key highlights of this release:

  • Enhanced Browser Support: NetAnalysis® v3.8 includes robust support for the latest browsers, empowering you to delve deep into digital artifacts across various browsing platforms with unmatched precision.

  • Adaptation to Browser Changes: Keeping pace with the dynamic landscape of digital forensics, we have incorporated support for the latest changes in both mobile and desktop browsers. This ensures seamless extraction and analysis of critical data, even in the face of evolving browser technologies.

  • Expanded Browser Version Coverage: With the addition of 24 new browser versions, NetAnalysis® v3.8 offers an extensive scope for investigation, enabling you to explore a wider array of digital footprints and extract valuable insights efficiently.

Upgrade to NetAnalysis® v3.8 today and experience unparalleled proficiency in digital forensic analysis, empowering you to unravel complex digital trails with unparalleled precision and efficiency.

Change Log

The full list of changes can be found here: Change Log v3.8.

Release Notes for HstEx® Version 5.8

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.8 Release Notes.

NetAnalysis® Version 3.7

Release Notes for NetAnalysis® Version 3.7

Welcome to NetAnalysis® Version 3.7. In this latest version, we are thrilled to unveil a range of cutting-edge enhancements and refinements, cementing our position as the forefront provider of browser forensic analysis tools. From advanced decoding capabilities for X/Twitter Snowflake IDs to comprehensive support for over 120 new browser versions across multiple platforms, this update empowers digital forensic investigators with unparalleled insights and efficiency. Additionally, our identification engine has been optimised for superior identification of SQLite databases, alongside streamlined extraction processes for Chromium based Disk Cache and iOS snapshots, and enhanced management of Microsoft Edge Web Data. Dive into the details below to discover how NetAnalysis® continues to set the standard for forensic analysis excellence.

New Features


  • Advanced SQLite Database Identification: Our identification engine now boasts enhanced capabilities for identifying SQLite databases, empowering users with more precise analysis and extraction of critical data.

  • Streamlined Chromium Disk Cache Extraction: Experience smoother workflows with improved support for importing and extracting the latest Chromium based Disk Cache, facilitating efficient retrieval of browsing history and cached content.

  • Enhanced Handling of Chromium iOS Snapshots: Enjoy refined handling of Chromium based iOS snapshot files, alongside improved extraction techniques, enhancing the accuracy and completeness of snapshot data retrieval.

  • Enhanced Microsoft Edge Web Data Management: Elevate your forensic analysis with improved handling of Microsoft Edge Web Data, ensuring thorough examination and extraction of crucial browsing information for comprehensive investigations.

Change Log

The full list of changes can be found here: Change Log v3.7.

Release Notes for HstEx® Version 5.7

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.7 Release Notes.

NetAnalysis® Version 3.6

Release Notes for NetAnalysis® Version 3.6

Welcome to NetAnalysis® Version 3.6. We are excited to present this latest update, packed with new features and improvements to enhance your browser data, forensic analysis experience. New in this release, comprehensive support for Maxthon browser on Android, iOS, Windows and macOS.

New Features

In this release, we have introduced several new features to help you examine browsing data more comprehensively:

  • Support for Latest Browsers: We have updated NetAnalysis® to ensure compatibility with all the updates and changes present in the latest browsers, keeping your analysis up to date.

  • Mozilla Firefox on Android Login Exceptions: NetAnalysis® now provides support for examining Mozilla Firefox on Android Login Exceptions, enabling you to gain deeper insights into user activity.

  • Mozilla Firefox on iOS Autofill: With our new support for Mozilla Firefox on iOS Autofill, you can now examine and interpret autofill data effectively.

  • Microsoft Edge on iOS Downloads: Examine Microsoft Edge on iOS Downloads seamlessly with our improved support for this feature.

  • Maxthon Browser: We are excited to announce support for Maxthon Browser on Android, iOS, Windows, and macOS. You can now examine browsing data from Maxthon Browser on multiple platforms, enhancing your cross-device analysis capabilities.


We have also made significant improvements to enhance your experience and analysis capabilities:

  • Identification of Supported Browser Files: We have improved the identification process of supported browser files, ensuring more accurate and efficient data analysis.

  • QQ Browser on iOS History: Our support and handling for QQ Browser on iOS history have been enhanced, enabling you to extract valuable information from this browser's history more effectively.

  • Text Extraction for Indexing and Searching: Enjoy improved text extraction from supported files, making indexing and searching for specific information even more efficient.

  • Mozilla Firefox Session Store Files: NetAnalysis® now offers enhanced support for Mozilla Firefox session store files, allowing you to delve deeper into session data.

  • Yandex on Android Chromium-based Simple Cache: Examine Yandex on Android Chromium-based Simple Cache data with improved support, enhancing your ability to uncover insights from this browser.

  • Mozilla Firefox on Android Logins: We have refined the processing and handling of Mozilla Firefox on Android Logins, ensuring a smoother analysis experience.

Change Log

The full list of changes can be found here: Change Log v3.6.

Release Notes for HstEx® Version 5.6

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.6 Release Notes.

NetAnalysis® Version 3.5

Release Notes for NetAnalysis® Version 3.5

We are thrilled to announce the release of NetAnalysis® v3.5. This version introduces an array of exciting new support and noteworthy improvements that will elevate your browser forensic analysis to unprecedented levels. Our team has been hard at work to deliver a cutting-edge update that empowers you with enhanced capabilities and support for the latest browsers. In this release, we have introduced several new features that cater to the evolving landscape of digital platforms.

New Features

  • Support for 93 new browser builds and associated data
  • Support for Chromium based Platform Notifications
  • Support for SeaMonkey Location Bar History
  • Support for Epic Privacy Browser on Android Speed Dial and Audio Queue
  • Support for Microsoft Edge Drop
  • Support for the new changes to Brave browser on iOS


  • Improved searching and processing to identify vital browser evidence
  • Improved logging of metadata from Expert Witness image files processed by HstEx®
  • Improved iOS mobile file system searching and processing
  • Improved support for Android based web browsers

Change Log

The full list of changes can be found here: Change Log v3.5.

Release Notes for HstEx® Version 5.5

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.5 Release Notes.

NetAnalysis® Version 3.4

Release Notes for NetAnalysis® Version 3.4

We are pleased to announce the release of NetAnalysis® v3.4, which includes several new features and improvements to enhance your digital investigation capabilities. With over 90 new browser artefacts, this means that investigators can now uncover even more valuable evidence to help them solve their cases.

New Features

  • Added support for Microsoft Edge navigation history, allowing you to extract and analyse navigation activity from this popular web browser.
  • Increased support for mobile browsers on iOS and Android, enabling you to more effectively investigate mobile devices.
  • Added over 90 new browser artefacts, giving you greater insight into user activity.


  • Improved identification of items of interest in our browser preferences viewer, helping you to quickly find relevant evidence.
  • Improved handling of bookmark interchange format, making it easier to extract and analyse bookmark data.
  • Made minor UI changes to assist investigators in quickly finding evidence.
  • Improved handling of Chromium and Mozilla-based browsers, providing you with more accurate results.

We are confident that NetAnalysis v3.4 will be an invaluable tool for investigators looking to recover and analyse browser artefacts. We can't wait to see the impact it will have on the digital forensic community. We hope these new features and improvements will help you to conduct more comprehensive and effective digital investigations. As always, please don't hesitate to reach out to our support team if you have any questions or feedback.

Change Log

The full list of changes can be found here: Change Log v3.4.

Release Notes for HstEx® Version 5.4

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.4 Release Notes.

NetAnalysis® Version 3.3

Offline Cached Web Page Viewing

NetAnalysis® version 3.3 introduces a major change in the way we handle and process cached content. Previous versions of the application would rebuild cached web pages and convert them to local versions using locally extracted cached content. As Web Pages become more sophisticated, this method may not always produce the best results, hence the need to evolve.

With version 3.3, we no longer rebuild web pages using this methodology. Instead, we process the requests from our built-in browser component (which is based on Google Chrome) and provide the cached content directly from the browser's cache. Therefore, as the browser loads the page, it parses the various elements and requests the content it requires to render the page on screen. We take those requests and find the data in the browser's cache, serving it back to the browser. We have also introduced a Cache Monitor window so you can see what the browser is requesting from the cache. This means that the cache no longer has to be extracted and the web pages rebuilt before you view them.

This new methodology has also allowed us to effectively deal with client and server side redirects. When our HTTP response to the browser indicates the content is subject to a server side redirect, the browser can then re-request the content from the corresponding new cache location. Client side redirects are already dealt with by our browser component. This delivers a considerable enhancement to the ability of NetAnalysis® to display cached web pages.

New Features

We have added support for 223 new browser artefacts. We have also made some user interface enhancements and added new cache reading and extraction support:

  • New Filter Menus: Live Cached Web Pages (Ctrl + W), Live Cached Images and Live Files.

  • New Filters for Secure Cookies and HTTP Only Cookies.
  • New Cache Monitor window for monitoring cache extraction.
  • Support for WebKit2 Network Disk Cache.
  • Support for reading and extracting data from Apple Web Archive files.

Change Log

The full list of changes can be found here: NetAnalysis® v3.3 Change Log.

Release Notes for HstEx® Version 5.3

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.3 Release Notes and Change Log.

NetAnalysis® Version 3.2

Release Notes for NetAnalysis® Version 3.2

NetAnalysis® version 3.2 adds further support for mobile and desktop browsers. We have added new support for:

New Features

  • Support for Sleipnir Mobile on iOS
  • Support for Sleipnir Mobile on Android
  • Apple Safari v15 Tabs on macOS and iOS
  • Mime HTML indexing
  • PNG export from Viewer
  • Mime HTML export from Viewer
  • Opera Mini on Android Saved Pages

  • Microsoft Edge Custom Autofill

  • Mozilla Firefox Logins on Android and iOS

Change Log

The full list of changes can be found here: NetAnalysis® v3.2 Change Log.

Release Notes for HstEx® Version 5.2

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.2 Release Notes.

NetAnalysis® Version 3.1

Release Notes for NetAnalysis® Version 3.1

NetAnalysis® version 3.1 continues our quest to add further support for mobile browsers. This release adds support for eighteen new browsers, namely 7 Star Browser, Naver Whale on desktop and mobile platforms, Opera Mini on mobile platforms, Opera Touch on Android, Opera GX on mobile platforms, Dolphin Browser on Android, Brave on mobile platforms, Opera on mobile platforms, QQ Browser on mobile platforms and UC Browser on mobile platforms.

We have also added new artefacts for existing browsers, giving us a total of 142 new artefacts for this version. For a full list of changes, see NetAnalysis® v3.1 Change Log.

UC Browser on Android and iOS

UC Browser is a cross-platform web browser developed by mobile internet company UCWeb, a subsidiary of the Alibaba Group. It is primarily targeted at mobile platforms and is extremely popular in India, Indonesia and China. It also encrypts many of the databases used to store user data.

In this release of NetAnalysis®, we have enhanced our support for UC Browser on Android and iOS. We can now decrypt History, Most Recent Visited History, Search Data and Bookmarks.

Decrypting UC Login Data on Android

We have also added support for decrypting usernames and passwords.

Zone.Identifier Recovery

With the release of HstEx® v5.1, we have added the ability to search and recover MFT entries containing resident Zone Identifier data. This provides us with a lot of information regarding the original file. The recovered data is easily read into NetAnalysis® for examination. The image below shows a number of recovered Zone Identifier entries. The Information panel shows the associated MFT attribute information along with the Zone Transfer data from the Zone.Identifier stream.

Change Log

The full list of changes can be found here: NetAnalysis® v3.1 Change Log.

Release Notes for HstEx® Version 5.1

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.1 Release Notes.

NetAnalysis® Version v3.0

Release Notes for NetAnalysis® Version 3.0

Version 3 is a major release of NetAnalysis® and adds over 200 new artefacts as well as new support for mobile and portable browsers. The user interface has been completely re-written and adds major improvements and new features in a number of key areas. We have improved the layout of the user interface, with the goal of improving productivity, and added support for light and dark themes. Our grids now boast powerful Excel-style column filtering with easy access string, number and date filtering. Another key feature is the built-in Properties Examiner with powerful examination, analysis and reporting of browser preferences.

In combination with HstEx® v5, NetAnalysis® is the most powerful, comprehensive, browser forensic analysis suite available. However, don't just take our word for it, take it for a spin and see the powerful features in action.

Enhanced Filtering

Our grids now support enhanced Excel-style column filters. The menus contain two tabs: Values and Filters. The Values tab allows the user to select specific values or value ranges. The Filter tab allows the user to create custom filters using comparison operators that match the data type. The video below shows the Filter for a Date column in action.

New Filter Editor

The Filter Editor allows the user to build complex filters with an unlimited number of filter conditions combined by logical operators. The visual styling of the Filter Editor has been improved to make it much easier to view, edit and build powerful data filters.

Progress Filtering

We have also enhanced the Progress Window with the same column filters. When processing data, it is now easy to filter rows containing a specific status. This makes it a simple process to review the log for warnings and other status values of interest.

New Properties Examiner

The Properties Examiner allows the user to view and perform detailed analysis on the various Preference values set by Mozilla and Chromium-based browsers. You can search, filter, group, sort and even print reports on the extensive property sets available. We have added support for saving and loading Property Filters to make it easier to identify items of interest. Various timestamp property values are automatically converted to Date/Time values and displayed in their own column. Property types are identified by a small icon before the Property Name.

Filtered Properties can easily be sent to a NetAnalysis® Report where the data can be exported in a number of different formats, including PDF.

Improved Search Index

The Search Index database is a powerful feature of NetAnalysis® and has been enhanced in this release. It allows the user to rapidly search across the text extracted from the input data and identify key items of interest. We have updated the search syntax to include wild-card characters. The image below shows how to use a wild-card search to identify all email addresses in the search index:

Zone Identifier ADS

NetAnalysis® v3 now checks for Zone.Identifier Alternate Data Streams when processing files. When a file is downloaded, a Zone.Identifier ADS is created and can contain the source URL of the download. The Information panel will show the various metadata properties for the download.

Change Log

Release Notes for HstEx® Version 5.0

Don't forget to review the release notes for HstEx® which can be found here: HstEx v5.0 Release Notes.