ABSTRACT
The Covid-19 pandemic has created unprecedented challenges in the technology age. Previous infrequently used applications were pushed into the spotlight and had to be considered reliable by their users. Applications had to evolve to accommodate the shift in normality to an online world quickly, predominantly for businesses and educational purposes. Video conferencing tools like Zoom, Google Hangouts, Microsoft Teams, and WebEx Meetings can make communication easy, but ease of online communications could also make information easier for cybercriminals to access and to use these tools for malicious purposes. Forensic evaluation of these programs is important, as being able to easily collect evidences against the threat actors will aid investigations considerably. This paper reports how artefacts from two popular video conferencing tools, Microsoft Teams and Google Meet, could be collected and analysed in forensically sound manners. Industry standard cyber forensics tools have been reported to extract artefacts from range of sources, such as memory, network, browsers and registry. The results are intended to verify security and trustworthiness of both applications as an online conferencing tool. © 2022, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.