Mastodawn

🚀 New Release: HEART by Metadata Forensics v1.4.1.0! 🚀

This release adds six new Apple Health application artifacts:

📋 Health Details
❤️ Cardio Recovery
💓 Heart Rate Variability
🧘 Mindful Minutes
🌤️ State of Mind
🌬️ Breathing Disturbances

Free to download on GitHub: https://github.com/MetadataForensics/HEART_by_Metadata_Forensics

GitHub - MetadataForensics/HEART_by_Metadata_Forensics: This free tool parses Apple Health and Fitness Application data from Apple iPhone extractions in a forensic manner.

This free tool parses Apple Health and Fitness Application data from Apple iPhone extractions in a forensic manner. - MetadataForensics/HEART_by_Metadata_Forensics

GitHub

James McGee May 19

Check out our newest article, Empirical Assessment of Apple Health Activity Data: Accuracy, Granularity, and Database Artifacts! Looking deeper into the cache_encryptedC.db and iOS 26 changes.
Article: https://tinyurl.com/ae8akwm5
Support updated to HEART: https://tinyurl.com/v8zesb7h

Empirical Assessment of Apple Health Activity Data: Accuracy, Granularity, and Database Artifacts

For nearly ten years, Apple Health data has played a role in significant criminal investigations, prompting ongoing and crucial discussions about its dependability and precision. One of the earlies…

The Metadata Perspective

James McGee Mar 13

KMLer turns CSV and XLSX files into KML files while adding the investigative context examiners and analysts need. 🕵️ Horizontal accuracy visualized, extended data, processing report, and more!
Read more here: https://tinyurl.com/y8d3je3m
Get it here: https://tinyurl.com/3fw8vnn8

James McGee Feb 26

🚀 New Release: HEART by Metadata Forensics Version 1.3! 🚀
We’ve added Local Device Time conversions! Because most Apple Health and Fitness application artifacts are linked to the device recorded the event, the associated time zone is preserved as well. Conversions by activity!

Get it here: https://github.com/MetadataForensics/HEART_by_Metadata_Forensics

GitHub - MetadataForensics/HEART_by_Metadata_Forensics: This free tool parses Apple Health and Fitness Application data from Apple iPhone extractions in a forensic manner.

This free tool parses Apple Health and Fitness Application data from Apple iPhone extractions in a forensic manner. - MetadataForensics/HEART_by_Metadata_Forensics

GitHub

James McGee Feb 23

Couldn’t start the week better — thank you Christopher Vance for the shout-out in your session, Harping on health data, during the Magnet Virtual Summit 2026!

Your Mobile Unpacked series has helped so many of us, and it’s genuinely humbling to have my Apple Health contributions mentioned alongside it.

If you’re in digital investigations and haven’t joined the Summit yet, you still have time (Feb 23–26). It’s free, eye-opening, and full of practical takeaways:
https://lnkd.in/ew3taAjV

My own corner of Apple Health forensics lives on the Metadata Forensics company blog, The Metadata Perspective:
https://lnkd.in/e6HZCBFq

And HEART by Metadata Forensics (Health Events & Activity Reporting Tool) so the community can quickly turn Apple Health application data into usable reports. 37+ artifacts, clean HTML output, and it works on the extractions you already have.
https://lnkd.in/ehvzCCy5

Looking forward to the rest of the week and continuing the conversation with all of you.
#MVS2026 #DFIRCommunity

James McGee Dec 2, 2025

Ever wondered what secrets are in your Apple Contacts? 📱 iQueryContacts 🕵️ is our new advanced SQL query work for the AddressBook.sqlitedb. All the classic data plus some new info including the Chinese lunar birthday! Find out more at https://github.com/MetadataForensics/iQueryContacts

GitHub - MetadataForensics/iQueryContacts: Advanced parser for Apple Contacts (AddressBook.sqlitedb) with phones, emails, addresses, social accounts, birthdays (including Chinese lunar), and group memberships.

Advanced parser for Apple Contacts (AddressBook.sqlitedb) with phones, emails, addresses, social accounts, birthdays (including Chinese lunar), and group memberships. - MetadataForensics/iQueryCont...

GitHub

James McGee Nov 20, 2025

James McGee Nov 13, 2025

🧩 RowIDetective 🕵️‍♂️ formerly detailed Lagging for the Win: Querying for Negative Evidence in the sms.db. Now detecting missing messages at the end of Apple sms.db. Because every gap tells a story.
🔗 http://github.com/MetadataForensics/RowIDetective

GitHub - MetadataForensics/RowIDetective: An update to our prior work within Lagging for the Win, now reporting all sms.db missing ROWID values up to the message sequence number.

An update to our prior work within Lagging for the Win, now reporting all sms.db missing ROWID values up to the message sequence number. - MetadataForensics/RowIDetective

GitHub

James McGee Oct 22, 2025

🚀 New release! HEART by Metadata Forensics (Health Events & Activity Reporting Tool) Version 1.1.0.0!

Now supporting TAR, DAR (some), Advanced Logical (Encrypted) Extractions, iTunes Encrypted Backups.

⬇️ Download: tinyurl.com/v8zesb7h
📖 Article: tinyurl.com/94rx6vk4

James McGee Sep 22, 2025

HEART by Metadata Forensics (Health Events & Activity Reporting Tool)

Free tool to parse Apple Health & Fitness data from FFS Extractions.

🔍 31+ artifacts supported
📊 HTML report + CSV/PDF export

⬇️ Download: https://tinyurl.com/v8zesb7h
📖 Article: https://tinyurl.com/94rx6vk4

GitHub - MetadataForensics/HEART_by_Metadata_Forensics: This free tool parses Apple Health and Fitness Application data from Apple iPhone extractions in a forensic manner.

This free tool parses Apple Health and Fitness Application data from Apple iPhone extractions in a forensic manner. - MetadataForensics/HEART_by_Metadata_Forensics

GitHub

Blog	https://www.sqlmcgee.wordpress.com/
LinkedIn	https://www.linkedin.com/in/jamesrmcgee/
Twitter	https://www.twitter.com/SQL_McGee