Welcome to the world of mobile forensics, where extracting data is the first (and arguably the most critical) step. Whether you’re working with an ancient Apple device or attempting to break into the latest iPhone 16 Pro Max, there is a method for every gadget – each with its own share of challenges. We love explaining the differences between the extraction techniques, detailing their pros and contras, but sometimes you are limited to the one and only method that is the most likely to succeed.

Using a firewall is essential to secure the installation of the extraction agent when performing low-level extraction from a variety of iOS devices. We developed two solutions: a software-based firewall for macOS and a hardware-based firewall using a Raspberry Pi (or similar microcomputer) with our own custom firmware. This guide will help you choose the best option for your needs.

In the latest update of Elcomsoft Distributed Password Recovery (EDPR), we’ve introduced a revamped load-balancing feature. The new feature aims to enhance resource utilization on local workstations across diverse hardware configurations. This update has drastically reduced the time required to break passwords in certain hardware configurations, thanks to a refined load distribution algorithm. In this article, we’ll share some technical details on how load balancing leverages a mix of GPUs and CPU cores.

Advanced Intuit Password Recovery received a major overhaul, adding support for Intuit QuickBooks 2024. For QuickBooks’ annual update, we are excited to provide the complete solution for safe, instant, unconditional password removal. This enhancement addresses a persistent issue in earlier versions, making user management more reliable and efficient for users, IT professionals, and digital forensic specialists.

In the field of digital forensics, properly handling the task of disk imaging is crucial for preserving data integrity. Using write blockers ensures that no data is altered during the imaging process, a key requirement for maintaining the chain of custody. While there are many factors influencing the efficiency and speed of this process, this article offers advanced tips and considerations that can help achieve optimal performance.

Our blog features numerous articles on breaking passwords and accessing encrypted data, ranging from simple “how-to” guides to comprehensive manuals. However, many of the questions we are frequently asked are not about the technical stuff but rather the very basics of password recovery. Can you break that password? Is it legal? How much time do you think it will take to break this one? We do have the answers, but they require digging through the extensive content of our blog. To address this, we’ve created a comprehensive A to Z article that not only answers many common questions but also links to our previous posts.

Low-level extraction enables access to all the data stored in the iOS device. Previously, sideloading the extraction agent for imaging the file system and decrypting keychain required enrolling one’s Apple ID into Apple’s paid Developer Program if one used a Windows or Linux PC. Mac users could utilize a regular, non-developer Apple ID. Today, we are bringing this feature to Windows and Linux editions of iOS Forensic Toolkit.

Apple accounts are used in mobile forensics for sideloading third-party apps such as our own low-level extraction agent. Enrolling an Apple ID into Apple Developer Program has tangible benefits for experts, but are they worth the investment? Some years back, it was a reassuring “yes”. Today, it’s not as simple. Let’s delve into the benefits and limitations of Apple Developer accounts in the context of mobile forensics.

iOS Forensic Toolkit comes in three flavors, available in macOS, Windows, and Linux editions. What is the difference between these edition, in what ways is one better than the other, and which edition to choose for everyday work? Read along to find out.

Twelve years ago, we introduced an innovative way of accessing iPhone user data, retrieving iPhone backups straight from Apple iCloud. As our iCloud extraction technology celebrates its twelfth anniversary, it’s a fitting moment to reflect on the reactions it has provoked within the IT community. Let us commemorate the birth of the cloud extraction technology, recap the initial reactions from the forensic community, and talk about where this technology stands today.