Eighteen Years of GPU Acceleration
November 27th, 2025 by Oleg Afonin
Eighteen years ago, before “GPU acceleration” and “AI data center” became household terms, a small hi-tech company changed the rules of cryptography. In 2007, we unveiled a radical idea – using the untapped power of graphics processors to recover passwords, which coincided with the release of video cards capable of performing fixed-point calculations. What began as an experiment would soon redefine performance computing across nearly every field.
Using and Troubleshooting the checkm8 Exploit
October 31st, 2023 by Oleg Afonin
The bootloader vulnerability affecting several generations of Apple devices opens the door to forensically sound extraction. In today’s article we’ll discuss the compatibility and features of this exploit with different devices, iOS versions, and platforms. In addition, we’ll provide security professionals and researchers with valuable insight into potential issues and solutions when working with checkm8.
iOS Forensic Toolkit 8 Lands on Windows
October 5th, 2023 by Oleg Afonin
We have exciting news: iOS Forensic Toolkit 8 is now available for Windows users in the all-new Windows edition. The new build maintains and extends the functionality of EIFT 7, which is now approaching the end of its life cycle. In addition, we’ve made the Toolkit portable, eliminating the need for installation. Learn what’s new in the eights version of the Toolkit!
iOS Forensic Toolkit: Troubleshooting Low-Level Extraction Agent
September 12th, 2023 by Oleg Afonin
In this tutorial, we will address common issues faced by users of the iOS Forensic Toolkit when installing and using the low-level extraction agent for accessing the file system and keychain on iOS devices. This troubleshooting guide is based on the valuable feedback and data received by our technical support team.
What to Do When Password Recovery Attacks Stall
August 22nd, 2023 by Oleg Afonin
Have you ever tried to unlock a password but couldn’t succeed? This happens when the password is really strong and designed to be hard to break quickly. In this article, we’ll explain why this can be a tough challenge and what you can do about it.
Open-Sourcing Orange Pi R1 Plus LTS Software for Firewall Functionality: Secure Sideloading of Extraction Agent
August 3rd, 2023 by Oleg Afonin
We are excited to announce the release of an open-source software for Orange Pi R1 LTS designed to provide firewall functionality for sideloading, signing, and verifying the extraction agent that delivers robust file system imaging and keychain decryption on a wide range of Apple devices with iOS Forensic Toolkit. This development aims to address the growing security challenge faced by forensic experts when sideloading the extraction agent using regular and developer Apple accounts.
Breaking into iOS 16.5: Extracting the File System and Keychain
August 2nd, 2023 by Oleg Afonin
When it comes to iOS data acquisition, Elcomsoft iOS Forensic Toolkit is the top choice for forensic experts. Its cutting-edge features and unmatched capabilities have made it the go-to software for investigating iOS devices. In a recent update, we expanded the capabilities of the low-level extraction agent to support full file system extraction and keychain decryption on Apple’s newest devices running iOS 16.5. This achievement represents a breakthrough, as the delay between Apple’s iOS updates and our forensic software release has significantly reduced.
Best Practices in Mobile Forensics: Separating Extraction and Analysis
July 31st, 2023 by Oleg Afonin
In the ever-evolving landscape of digital investigations, mobile forensics has become a critical aspect of law enforcement work. The challenges of extracting, handling, and analyzing data obtained from various sources have led to a growing demand for universal solutions. We’d like to emphasize the importance of every stage of mobile forensics, the significance of extraction, and the critical importance of expertise in this field.
Apple iCloud Acquisition: A Lifeline for Forensic Experts
July 25th, 2023 by Oleg Afonin
Acquiring data from locked, broken, or inaccessible devices poses significant challenges. However, there are ways to retrieve valuable information from such devices by obtaining the data from iCloud, including old data that has been deleted with no chance of recovery. In this article, we will explore the classic acquisition methods available for iOS devices and focus on the crucial role of Apple iCloud in forensic investigations.
iOS Device Acquisition: Installing the Extraction Agent
July 21st, 2023 by Vladimir Katalov
Acquiring data from Apple devices, specifically those not susceptible to bootloader exploits (A12 Bionic chips and newer), requires the use of agent-based extraction. This method allows forensic experts to obtain the complete file system from the device, maximizing the amount of data and evidence they can gather using the iOS Forensic Toolkit. In this article, we will discuss some nuances of agent-based iOS device acquisition.
iOS Forensic Toolkit Tips & Tricks
July 17th, 2023 by Vladimir Katalov
For forensic experts dealing with mobile devices, having a reliable and efficient forensic solution is crucial. Elcomsoft iOS Forensic Toolkit is an all-in-one software that aids in extracting data from iOS devices, yet it is still far away from being a one-button solution that many experts keep dreaming of. In this article, we will walk you through the preparation and installation steps, list additional hardware environments, and provide instructions on how to use the toolkit safely and effectively.
