Bypassing Stolen Device Protection: Alternative Ways of Installing the Extraction Agent
June 24th, 2026 by Oleg Afonin
Stated plainly: iOS Forensic Toolkit can now get past Stolen Device Protection. There is a catch, and it belongs up front: this is not a magic unlock, and anyone selling it as one is selling something. What we have built is a way to install the extraction agent without ever pairing the iPhone to the workstation over a USB port. Because the most disruptive thing SDP does to a forensic workflow is place Face ID or Touch ID in front of that pairing step, bypassing the pairing step bypasses the gate. You still need the device passcode, a paid Apple Developer account, and a device you are authorized to examine. With those in hand, SDP is no longer the wall it was a month ago.
AutoINcomplete
March 26th, 2009 by Olga Koksharova
Have you ever had to say sorry because you’ve sent an e-mail to a wrong person? Isn’t it an embarrassing situation? Hopefully it wasn’t a confidential e-mail otherwise you may get into trouble. After all it’s typical of all of us. You’ve simply made a stupid blunder to enter a wrong address…or to use AutoComplete. Such things may trigger some unpleasant consequences which is actually a minimal harm AutoComplete can incur.
Pen Testing with Distributed Password Recovery and GPUs
March 19th, 2009 by Katerina Korolkova, Direktur Humas
The German c’t magazine (issue 06/09) has published an article about cracking of NTLM-hashes with graphic cards. In this article pen test experts from SySS GmbH bring up a touchy question of how fast an intruder can break into your system. How long should your Windows logon password be, so that you could keep having your beauty sleep?
