Email is one communication technology that can be used to exchange information, data, and etc. The development of email technology not only can be opened using a computer but can be opened using an smartphone. The most widely used smartphone in Indonesian society is Android. Within a row, the development technology of higher cybercrime such as email fraud catching cybercrime offenders need evidence to be submitted to a court, for obtain evidence can use tools like Wireshark and Networkminer to analyzing network traffic on live networks. Opportunity, we will do a comparison of the forensic tools it to acquire digital evidence. The subject of this research focused on Android-based email service to get as much digital evidence as possible on both tools. This process uses National Institute of Standards and Technology method. The results of this research that networkminer managed to get the receiving port, while in Wireshark not found.

android; email; networkminer; NIST; Wireshark;