WhatsApp and Signal are end to end encrypted (for the most part).

The OSForensics Android module does not break any encryption and operates entirely within the sandbox that the Android API provides.

It supports the acquisition of:
- SMS and MMS messages and their attachments
- Call logs
- Contacts

In order to use it you need to have the credentials for the phone under investigation as well as the phone itself.

The way the OSForensics Android acquisition works is:
- OSForensics installs the OSFExtract app onto the phone
- OSFExtract uses the Android APIs to query each of the above three data sets
- OSFExtract transmits the results back to OSForensics

Please let us know if you'd like to know anything else about OSForensic's Android acquisition capabilities.