Chat applications are among the most common applications on the market. These applications provide users with the ability to chat or call outside the standard services offered by the network service provider. These apps may often be more secure compared to other apps. By secure, we mean that the apps may offer encryption, private profiles, private group chats, and more. Additionally, these apps enable the user to message or call others without the need for a data plan, as Wi-Fi provides all of the access that they need. Facebook Messenger, WhatsApp, Skype, Tango, and Snapchat are some of the more popular applications.

Parsing artifacts from chat applications is not always simple. Often, multiple tools and methods will be required to extract all of the data within them. Commercial tools may only parse a portion of the data, forcing you to learn how to examine and recover all data or miss evidence. In the following screenshot, Oxygen Forensic Detective is being used to parse chat messages from Tango on an Android device. Note that the message does not show the image in the table. However, this image can be pieced back into the message (notice the screenshot that is shown with an arrow pointing to the message to which it belongs), to provide an overall picture of what was being shared in a conversation. This was a manual process and was not performed by the tool:

Next, we will take a look at GPS apps.