For Belkasoft, 2021 has been a significantly important year. In the course of the year, we have released 11 major revisions of our flagship digital forensic and incident response product, Belkasoft X. We have also developed three new products for triage, remote acquisition, and incident investigations.

Please vote for Belkasoft as:

  • DFIR Commercial Tool of the Year: Belkasoft X
  • DFIR CTF / Challenge of the Year: BelkaCTF

The Belkasoft X platform is a set of tightly integrated software products for digital forensics, corporate incident investigations, effective triage and forensically sound remote data acquisition.

The products based on the Belkasoft X platform are:

  • Belkasoft Evidence Center X, our flagship Belkasoft product, is a reliable end-to-end solution to accelerate digital forensic and incident response investigations.

  • Belkasoft Triage (released in 2021) performs effective triage analysis of Windows devices directly on-scene.

  • Belkasoft Remote Acquisition (released in 2021) is developed to acquire data from a remote computer and mobile devices in a forensically sound manner.

  • Belkasoft Incident Investigations (released in 2021) allows corporate investigators to efficiently investigate intrusion attempts of Windows based systems.

Throughout 2021, we released 11 separate updates for Belkasoft X.

The key features that appeared in 2021 included:

  • A completely reworked mobile acquisition flow
  • MFT and Alternate Data Streams viewers
  • iOS acquisition
    • Checkm8 for iOS 14.* and iOS 15 from iPhone 8/8+/X and corresponding iPads
    • agent-based iOS acquisition without paid Apple Developer ID
  • Android acquisition
    • support for encrypted ADB backups
    • APK downgrade support
    • acquisition of Qualcomm, MTK, and Spreadtrum-based mobile devices
    • Android screen capturing for almost any application
    • Android Advanced ADB
    • Android SD card acquisition support
  • Cloud forensics features
    • downloading of data from Microsoft Office 365 cloud
    • iCloud backup download support
    • Google cloud forensics support
    • Google Keep and Google Timeline update, 2FA support
  • Two-factor authentication support for Cloud services
  • Notable artifacts acquisition and analysis
    • WhatsApp downloading with QR code
    • crypt14 decryption for WhatsApp
    • decryption of Signal backups for Android devices
    • Wickr Me decryption and analysis for all platforms, including Android, iOS, Windows, and Linux

Of course, the list of features in Belkasoft X is vast, so we asked our customers which features, that were implemented in 2021, were most helpful in their daily routine, and this is what they said:

1. The most popular features which emerged in Belkasoft X in 2021 were:

  • New mobile acquisition workflow
  • MFT viewer
  • ADS (Alternate Data Streams) viewer

2. The most popular mobile acquisition methods that emerged in 2021 were:

  • Checkm8 for iOS 14.*
  • Android Advanced ADB backup
  • Android screen capturing
  • Android APK downgrade
  • Agent-based MTK acquisition

3. The most valuable apps and data sources that you can acquire and analyze with Belkasoft X are:

  • Android Signal backup chat app decryption
  • WhatsApp downloading with a QR code
  • iOS Chatsecure app
  • macOS system artifacts
  • iOS Snapchat app


2021 was also the first year that we introduced the BelkaCTF challenges, which were all a success: more than 1,500 registrants. We are delighted to receive such great acclaim.

BelkaCTF challenges are for anyone in the DFIR community who would like to participate and are an excellent opportunity to use their knowledge in close-to-real-life examples for DFIR professionals and students.

Read the BelkaCTF write-up to find out more about the challenges by Belkasoft.

What was so exciting about these BelkaCTF challenges?

First of all, the plot. Every challenge had a thrilling story behind it, and that's what most of the participants noted and enjoyed. For instance, out of our three challenges, two were linked by one plot: contestants were supposed to catch the drug dealing syndicate's boss. The other thing which the participants liked about BelkaCTFs was that all of the tasks were designed like a graphic novel.

Next, every challenge was based on a mobile or computer platform, so those contestants who participated in all of the BelkaCTFs, had an opportunity to practice in the most popular platforms, including iOS, Android, and Windows. However, we decided not to limit the CTF to those who registered but didn't have time to participate, so anyone could take their chance to resolve the challenges' tasks, when they had time.

And just to understand how our contestants reacted to BelkaCTF challenges, read some of the testimonials by them:

  • 'What a great CTF. You guys at Belkasoft always make sure to take it to another level. I had the best experience participating in your CTFs!! I really loved Brave browser parsing from Belkasoft Evidence Center. It saved me a lot of time, while I noticed some other commercial tools haven't yet supported it. Also, the cryptocurrency additions are to the point if we consider the crypto madness of the last months. Great job again and thank you!'
  • 'You know as much as it was fun it let me know that I need more extensive experience in mobile images as I found the last CTF not that much troublesome as much as I found this one. So now I know what I need to work and practice with'
  • 'This was the first time for me doing LINUX Forensics as I have only been involved in investigations involving mostly Androids iOS or Windows. Learned a lot and found the areas I lack a great motivator to push myself forward, hope I will be able to do better in the next CTF and win the ones after that'
  • 'It was great fun... shouldn't have slept in the end. Thanks Belkasoft for this amazing CTF... hoping for more CTFs'

That is why we think that we deserve your support:

  • DFIR Commercial Tool of the Year: Belkasoft X
  • DFIR CTF / Challenge of the Year: BelkaCTF

Please support Belkasoft:

See also

Why Belkasoft should be your tool of choice for Mobile Forensics

What is new in the latest versions of Belkasoft X