Elcomsoft iOS Forensic Toolkit 8.21 add auto-DFU and automated screen shot capture
Elcomsoft iOS Forensic Toolkit 8.21 adds support for automated DFU mode and automated screen shot capturing using a pre-programmed Raspberry Pi Pico board. In addition, the new release adds checkm8 extraction support for compatible devices running iOS 15.7.3-15.7.5.
👉 https://www.elcomsoft.com/news/833.html
#checkm8 #EIFT #DFU #mobileforensics #iOS #iPhone #DFIR
Elcomsoft iOS Forensic Toolkit 8.21 adds support for automated DFU mode and automated screen shot capturing using a pre-programmed Raspberry Pi Pico board. In addition, the new release adds checkm8 extraction support for compatible devices running iOS 15.7.3-15.7.5.
👉 https://www.elcomsoft.com/news/833.html
#checkm8 #EIFT #DFU #mobileforensics #iOS #iPhone #DFIR
Automating DFU Mode with Raspberry Pi Pico
The latest update to iOS Forensic Toolkit brings two new features, both requiring the use of a Raspberry Pi Pico board. The first feature automates the switching of iPhone 8, iPhone 8 Plus, and iPhone X devices into DFU, while the second feature adds the ability to make long, scrollable screen shots in a semi-automatic fashion. In this article we will show how to build, program, and use a Raspberry Pi Pico board to automate DFU mode.
👉 https://blog.elcomsoft.com/2023/04/automating-dfu-mode-with-raspberry-pi-pico/
#DFU #EIFT #iOS #Raspberry #raspberrypipico #DFIR
The latest update to iOS Forensic Toolkit brings two new features, both requiring the use of a Raspberry Pi Pico board. The first feature automates the switching of iPhone 8, iPhone 8 Plus, and iPhone X devices into DFU, while the second feature adds the ability to make long, scrollable screen shots in a semi-automatic fashion. In this article we will show how to build, program, and use a Raspberry Pi Pico board to automate DFU mode.
👉 https://blog.elcomsoft.com/2023/04/automating-dfu-mode-with-raspberry-pi-pico/
#DFU #EIFT #iOS #Raspberry #raspberrypipico #DFIR
Automating Scrolling Screenshots with Raspberry Pi Pico
The recent update to iOS Forensic Toolkit brought two automations based on the Raspberry Pi Pico board. One of the new automations makes it possible to make long, scrollable screen shots in a semi-automatic fashion. In this article we will show how to build, program, and use a Raspberry Pi Pico board to automate scrolling screenshots.
👉 https://blog.elcomsoft.com/2023/04/automating-scrolling-screenshots-with-raspberry-pi-pico/
#EIFT #iOS #logicalacquisition #Raspberry #raspberrypipico #screenshot #screenshot #dfir
The recent update to iOS Forensic Toolkit brought two automations based on the Raspberry Pi Pico board. One of the new automations makes it possible to make long, scrollable screen shots in a semi-automatic fashion. In this article we will show how to build, program, and use a Raspberry Pi Pico board to automate scrolling screenshots.
👉 https://blog.elcomsoft.com/2023/04/automating-scrolling-screenshots-with-raspberry-pi-pico/
#EIFT #iOS #logicalacquisition #Raspberry #raspberrypipico #screenshot #screenshot #dfir
Full low-level extraction for the entire iOS 15 range
Elcomsoft iOS Forensic Toolkit 8.22 and 7.81 expand low-level extraction support, now covering the entire iOS/iPadOS 15 range. The newly supported OS versions include 15.6 through 15.7.2. The new method enables the extraction of the full file system including keychain, and supports devices built with the A12 and newer chips, effectively covering the iPhone 8/X through iPhone 13 range, and many iPads including those based on Apple M1 chips.
👉https://www.elcomsoft.com/news/834.html
#EIFT #ios #dfir #mobileforensics
Elcomsoft iOS Forensic Toolkit 8.22 and 7.81 expand low-level extraction support, now covering the entire iOS/iPadOS 15 range. The newly supported OS versions include 15.6 through 15.7.2. The new method enables the extraction of the full file system including keychain, and supports devices built with the A12 and newer chips, effectively covering the iPhone 8/X through iPhone 13 range, and many iPads including those based on Apple M1 chips.
👉https://www.elcomsoft.com/news/834.html
#EIFT #ios #dfir #mobileforensics
Low-level Extraction for iOS 15
Last month, we introduced a new low-level mechanism, which enabled access to parts of the file system from many Apple devices. The partial extraction process relies on a weak exploit that did not allow full sandbox escape. Today, the limitations are gone, and we are proud to offer the full file system extraction and keychain decryption for the entire iOS 15 range up to and including iOS/iPadOS 15.7.2.
👉 https://blog.elcomsoft.com/2023/05/low-level-extraction-for-ios-15/
#iOS #EIFT #agentextractor #dfir #mobileforensics
Last month, we introduced a new low-level mechanism, which enabled access to parts of the file system from many Apple devices. The partial extraction process relies on a weak exploit that did not allow full sandbox escape. Today, the limitations are gone, and we are proud to offer the full file system extraction and keychain decryption for the entire iOS 15 range up to and including iOS/iPadOS 15.7.2.
👉 https://blog.elcomsoft.com/2023/05/low-level-extraction-for-ios-15/
#iOS #EIFT #agentextractor #dfir #mobileforensics
Elcomsoft Wireless Security Auditor adds support for Intel Arc graphics cards
We updated Elcomsoft Wireless Security Auditor with support for Intel Arc family of graphics cards, Intel’s cost-efficient entry to discrete GPU market.
👉 https://www.elcomsoft.com/news/836.html
#EWSA #password #IntelArc #gpu #dfir
We updated Elcomsoft Wireless Security Auditor with support for Intel Arc family of graphics cards, Intel’s cost-efficient entry to discrete GPU market.
👉 https://www.elcomsoft.com/news/836.html
#EWSA #password #IntelArc #gpu #dfir
What Forensic Vendors Don’t Like To Tell Their Customers. Part 1
The market of digital forensic tools is a tight one, just like any other niche market. The number of vendors is limited, especially when catering such specific needs as unlocking suspects’ handheld devices or breaking encryption. However, amidst the promises of cutting-edge technology and groundbreaking solutions, there are certain limitations that forensic vendors often don’t like to disclose to their customers. These limitations can have a significant impact on the applicability, effectiveness and reliability of the tools being offered.
👉 https://blog.elcomsoft.com/2023/06/what-forensic-vendors-dont-like-to-tell-their-customers-part-1/
#DFIR
The market of digital forensic tools is a tight one, just like any other niche market. The number of vendors is limited, especially when catering such specific needs as unlocking suspects’ handheld devices or breaking encryption. However, amidst the promises of cutting-edge technology and groundbreaking solutions, there are certain limitations that forensic vendors often don’t like to disclose to their customers. These limitations can have a significant impact on the applicability, effectiveness and reliability of the tools being offered.
👉 https://blog.elcomsoft.com/2023/06/what-forensic-vendors-dont-like-to-tell-their-customers-part-1/
#DFIR
What Forensic Vendors Don’t Like To Tell Their Customers. Part 2
Year after year, the field of digital forensics and incident response (DFIR) presents us with new challenges. Various vendors from around the world are tirelessly striving to simplify and enhance the work of experts in this field, but there are some things you probably do not know about (or simply never paid attention to) that we discussed in the first part of these series. Today we’ll discuss some real cases to shed light onto some vendors’ shady practices.
👉 https://blog.elcomsoft.com/2023/06/what-forensic-vendors-dont-like-to-tell-their-customers-part-2/
#DFIR
Year after year, the field of digital forensics and incident response (DFIR) presents us with new challenges. Various vendors from around the world are tirelessly striving to simplify and enhance the work of experts in this field, but there are some things you probably do not know about (or simply never paid attention to) that we discussed in the first part of these series. Today we’ll discuss some real cases to shed light onto some vendors’ shady practices.
👉 https://blog.elcomsoft.com/2023/06/what-forensic-vendors-dont-like-to-tell-their-customers-part-2/
#DFIR
checkm8 extraction for iOS 15.7.6 and 16.5
Elcomsoft iOS Forensic Toolkit 8.23 expands bootloader-level checkm8-based extraction support, adding support for the latest available iOS 15 and 16 builds. The newly supported OS versions include iOS/iPadOS/tvOS 15.7.6 and 16.5. Thanks to the expanded range of supported OS versions, the tool now supports the full range of of iOS 15 and 16 builds on checkm8-vulnerable devices.
👉 https://www.elcomsoft.com/news/838.html
#EIFT #checkm8 #iOS #dfir #mobileforensic
Elcomsoft iOS Forensic Toolkit 8.23 expands bootloader-level checkm8-based extraction support, adding support for the latest available iOS 15 and 16 builds. The newly supported OS versions include iOS/iPadOS/tvOS 15.7.6 and 16.5. Thanks to the expanded range of supported OS versions, the tool now supports the full range of of iOS 15 and 16 builds on checkm8-vulnerable devices.
👉 https://www.elcomsoft.com/news/838.html
#EIFT #checkm8 #iOS #dfir #mobileforensic
Low-level Extraction for iOS 16 with iPhone 14/14 Pro Support
A while ago, we introduced an innovative mechanism that enabled access to parts of the file system for latest-generation Apple devices. The process we called “partial extraction” relied on a weak exploit that, at the time, did not allow a full sandbox escape. We’ve been working to improve the process, slowly lifting the “partial” tag from iOS 15 devices. Today, we are introducing a new, enhanced low-level extraction mechanism that enables full file system extraction for the iOS 16 through 16.3.1 on all devices based on Apple A12 Bionic and newer chips.
👉 https://blog.elcomsoft.com/2023/06/low-level-extraction-for-ios-16-with-iphone-14-14-pro-support/
#agent #EIFT #Elcomsoft #iOS #iOS16 #dfir #mobileforensics
A while ago, we introduced an innovative mechanism that enabled access to parts of the file system for latest-generation Apple devices. The process we called “partial extraction” relied on a weak exploit that, at the time, did not allow a full sandbox escape. We’ve been working to improve the process, slowly lifting the “partial” tag from iOS 15 devices. Today, we are introducing a new, enhanced low-level extraction mechanism that enables full file system extraction for the iOS 16 through 16.3.1 on all devices based on Apple A12 Bionic and newer chips.
👉 https://blog.elcomsoft.com/2023/06/low-level-extraction-for-ios-16-with-iphone-14-14-pro-support/
#agent #EIFT #Elcomsoft #iOS #iOS16 #dfir #mobileforensics
Safeguarding Digital Evidence: Don’t Shut It Down!
In the digital age, where information is a precious commodity and evidence is increasingly stored in virtual realms, the importance of preserving digital evidence has become a must in modern investigative practices. However, the criticality of proper handling is often overlooked, potentially jeopardizing access to crucial data during an investigation. In this article, we will once again highlight the importance of meticulous preservation techniques and live session analysis to prevent the loss of digital evidence.
👉 https://blog.elcomsoft.com/2023/06/safeguarding-digital-evidence-dont-shut-it-down/
#DFIR #diskencryption #livesystemanalysis
In the digital age, where information is a precious commodity and evidence is increasingly stored in virtual realms, the importance of preserving digital evidence has become a must in modern investigative practices. However, the criticality of proper handling is often overlooked, potentially jeopardizing access to crucial data during an investigation. In this article, we will once again highlight the importance of meticulous preservation techniques and live session analysis to prevent the loss of digital evidence.
👉 https://blog.elcomsoft.com/2023/06/safeguarding-digital-evidence-dont-shut-it-down/
#DFIR #diskencryption #livesystemanalysis
Accelerating digital forensics: Elcomsoft System Recovery boosts efficiency in forensic analysis
Elcomsoft System Recovery, a bootable forensic analysis tool for Windows, receives an update that introduces several new features designed to enhance efficiency and simplicity during in-field investigations. The updated tool enables the collection, extraction, and analysis of essential artifacts available on the computers being investigated.
👉 https://www.elcomsoft.com/news/841.html
#ESR #Windows #DFIR #digitalforensics
Elcomsoft System Recovery, a bootable forensic analysis tool for Windows, receives an update that introduces several new features designed to enhance efficiency and simplicity during in-field investigations. The updated tool enables the collection, extraction, and analysis of essential artifacts available on the computers being investigated.
👉 https://www.elcomsoft.com/news/841.html
#ESR #Windows #DFIR #digitalforensics
Accelerating Computer Forensics: Elcomsoft System Recovery and the Low-Hanging Fruit Strategy
In the world of digital investigations, the sheer volume of data and the challenge of identifying valuable evidence can be overwhelming. Often, investigators find themselves faced with the need for optimization — the ability to quickly and seamlessly identify what is valuable and requires further examination. We aim to fulfill this need by introducing a new forensic toolkit in Elcomsoft System Recovery, a powerful bootable tool designed to speed up investigations, quickly identify and collect digital evidence right on the spot. 🔥
👉 https://blog.elcomsoft.com/2023/07/accelerating-computer-forensics-elcomsoft-system-recovery-and-the-low-hanging-fruit-strategy/
#ESR #Windows #DFIR #digitalforensics
In the world of digital investigations, the sheer volume of data and the challenge of identifying valuable evidence can be overwhelming. Often, investigators find themselves faced with the need for optimization — the ability to quickly and seamlessly identify what is valuable and requires further examination. We aim to fulfill this need by introducing a new forensic toolkit in Elcomsoft System Recovery, a powerful bootable tool designed to speed up investigations, quickly identify and collect digital evidence right on the spot. 🔥
👉 https://blog.elcomsoft.com/2023/07/accelerating-computer-forensics-elcomsoft-system-recovery-and-the-low-hanging-fruit-strategy/
#ESR #Windows #DFIR #digitalforensics
iOS Forensic Toolkit Tips & Tricks
For forensic experts dealing with mobile devices, having a reliable and efficient forensic solution is crucial. Elcomsoft iOS Forensic Toolkit is an all-in-one software that aids in extracting data from iOS devices, yet it is still far away from being a one-button solution that many experts keep dreaming of. In this article, we will walk you through the preparation and installation steps, list additional hardware environments, and provide instructions on how to use the toolkit safely and effectively.
👉🏻 https://blog.elcomsoft.com/2023/07/ios-forensic-toolkit-tips-tricks/
#EIFT #tipsandtricks #dfir
For forensic experts dealing with mobile devices, having a reliable and efficient forensic solution is crucial. Elcomsoft iOS Forensic Toolkit is an all-in-one software that aids in extracting data from iOS devices, yet it is still far away from being a one-button solution that many experts keep dreaming of. In this article, we will walk you through the preparation and installation steps, list additional hardware environments, and provide instructions on how to use the toolkit safely and effectively.
👉🏻 https://blog.elcomsoft.com/2023/07/ios-forensic-toolkit-tips-tricks/
#EIFT #tipsandtricks #dfir
iOS Device Acquisition: Installing the Extraction Agent
Acquiring data from Apple devices, specifically those not susceptible to bootloader exploits (A12 Bionic chips and newer), requires the use of agent-based extraction. This method allows forensic experts to obtain the complete file system from the device, maximizing the amount of data and evidence they can gather using the iOS Forensic Toolkit. In this article, we will discuss some nuances of agent-based iOS device acquisition.
👉🏻 https://blog.elcomsoft.com/2023/07/ios-device-acquisition-installing-the-extraction-agent/
#agent #AppleDeveloperProgram #EIFT #ElcomsoftiOSForensicToolkit #dfir #tipsandtricks #mobileforensics
Acquiring data from Apple devices, specifically those not susceptible to bootloader exploits (A12 Bionic chips and newer), requires the use of agent-based extraction. This method allows forensic experts to obtain the complete file system from the device, maximizing the amount of data and evidence they can gather using the iOS Forensic Toolkit. In this article, we will discuss some nuances of agent-based iOS device acquisition.
👉🏻 https://blog.elcomsoft.com/2023/07/ios-device-acquisition-installing-the-extraction-agent/
#agent #AppleDeveloperProgram #EIFT #ElcomsoftiOSForensicToolkit #dfir #tipsandtricks #mobileforensics
Best Practices in Mobile Forensics: Separating Extraction and Analysis
In the ever-evolving landscape of digital investigations, mobile forensics has become a critical aspect of law enforcement work. The challenges of extracting, handling, and analyzing data obtained from various sources have led to a growing demand for universal solutions. We’d like to emphasize the importance of every stage of mobile forensics, the significance of extraction, and the critical importance of expertise in this field.
👉 https://blog.elcomsoft.com/2023/07/best-practices-in-mobile-forensics-separating-extraction-and-analysis/
#DFIR #mobileforensics
In the ever-evolving landscape of digital investigations, mobile forensics has become a critical aspect of law enforcement work. The challenges of extracting, handling, and analyzing data obtained from various sources have led to a growing demand for universal solutions. We’d like to emphasize the importance of every stage of mobile forensics, the significance of extraction, and the critical importance of expertise in this field.
👉 https://blog.elcomsoft.com/2023/07/best-practices-in-mobile-forensics-separating-extraction-and-analysis/
#DFIR #mobileforensics
Elcomsoft iOS Forensic Toolkit 8.50 expands capabilities for Linux users and legacy devices
Elcomsoft iOS Forensic Toolkit 8.50 is now available for Linux users in the all-new Linux edition. This new update implements logical acquisition, as well as agent-based and bootloader-based low-level extraction methods in a single tool for common Linux distros. In addition, the update brings low-level extraction for Apple Watch S0, S1, and S2 and improves bootloader level extractions for all supported devices.
👉🏻 https://www.elcomsoft.com/news/846.html
#linux #applewatch #apple #EIFT #dfir
Elcomsoft iOS Forensic Toolkit 8.50 is now available for Linux users in the all-new Linux edition. This new update implements logical acquisition, as well as agent-based and bootloader-based low-level extraction methods in a single tool for common Linux distros. In addition, the update brings low-level extraction for Apple Watch S0, S1, and S2 and improves bootloader level extractions for all supported devices.
👉🏻 https://www.elcomsoft.com/news/846.html
#linux #applewatch #apple #EIFT #dfir
Forensic Insights into Apple Watch Data Extraction
The latest update to the iOS Forensic Toolkit has expanded data extraction support for older models of Apple Watch, introducing low-level extraction capabilities for Apple Watch Series 0, Series 1, and Series 2. In a landscape where new devices are released on a yearly schedule, we stand committed to a balanced approach. While it’s easy for many to dismiss older devices, we recognize their significance as they frequently reappear in the labs of forensic experts. It is important to emphasize that, unlike many, we cater to the needs of experts who have to deal with legacy devices. This enhancement enables macOS and Linux users to delve deeper into these watches, retrieving crucial information such as passwords and complete file systems.
👉🏻 https://blog.elcomsoft.com/2023/11/forensic-insights-into-apple-watch-data-extraction/
#applewatch #apple #EIFT #watchOS #dfir
The latest update to the iOS Forensic Toolkit has expanded data extraction support for older models of Apple Watch, introducing low-level extraction capabilities for Apple Watch Series 0, Series 1, and Series 2. In a landscape where new devices are released on a yearly schedule, we stand committed to a balanced approach. While it’s easy for many to dismiss older devices, we recognize their significance as they frequently reappear in the labs of forensic experts. It is important to emphasize that, unlike many, we cater to the needs of experts who have to deal with legacy devices. This enhancement enables macOS and Linux users to delve deeper into these watches, retrieving crucial information such as passwords and complete file systems.
👉🏻 https://blog.elcomsoft.com/2023/11/forensic-insights-into-apple-watch-data-extraction/
#applewatch #apple #EIFT #watchOS #dfir
iOS Forensic Toolkit: Exploring the Linux Edition
The latest update of iOS Forensic Toolkit brought an all-new Linux edition, opening up a world of possibilities in mobile device analysis. The highly anticipated Linux edition preserves and expands the features previously available to macOS and Windows users. Forensic professionals can now perform advanced logical and low-level extractions with the aid of a custom extraction agent and extract information using the bootloader-level exploit, making forensic analysis more accessible on Linux platforms.
👉🏻 https://blog.elcomsoft.com/2023/11/ios-forensic-toolkit-exploring-the-linux-edition/
#linux #EIFT #checkm8 #dfir #lowlevelextraction #dataextraction
The latest update of iOS Forensic Toolkit brought an all-new Linux edition, opening up a world of possibilities in mobile device analysis. The highly anticipated Linux edition preserves and expands the features previously available to macOS and Windows users. Forensic professionals can now perform advanced logical and low-level extractions with the aid of a custom extraction agent and extract information using the bootloader-level exploit, making forensic analysis more accessible on Linux platforms.
👉🏻 https://blog.elcomsoft.com/2023/11/ios-forensic-toolkit-exploring-the-linux-edition/
#linux #EIFT #checkm8 #dfir #lowlevelextraction #dataextraction
Forensically Sound Cold System Analysis
In the world of digital forensics, there are various ways to analyze computer systems. You might be familiar live system analysis or investigating forensic disk images, but there’s yet another method called cold system analysis. Unlike live analysis where experts deal with active user sessions, cold system analysis works differently. It’s like a middle ground between live analysis and examining saved images of a computer’s storage. But why and when would someone use cold analysis? What can you do with it, and how does it compare to the usual methods?
👉🏻 https://blog.elcomsoft.com/2024/01/forensically-sound-cold-system-analysis/
#EDPR #EFDD #ESR #dfir
In the world of digital forensics, there are various ways to analyze computer systems. You might be familiar live system analysis or investigating forensic disk images, but there’s yet another method called cold system analysis. Unlike live analysis where experts deal with active user sessions, cold system analysis works differently. It’s like a middle ground between live analysis and examining saved images of a computer’s storage. But why and when would someone use cold analysis? What can you do with it, and how does it compare to the usual methods?
👉🏻 https://blog.elcomsoft.com/2024/01/forensically-sound-cold-system-analysis/
#EDPR #EFDD #ESR #dfir