Christian Peter
zamomin.bsky.social
Christian Peter
@zamomin.bsky.social
42 followers 35 following 10 posts
The UFADE guy
Posts Media Videos Starter Packs
A new UFADE Version is out! (github.com/prosch88/UFA...) New in 1.0.1:

Customizable backup functions,

The option to decrypt existing iTunes backups,

Interface improvements,

More consistent display on different platforms,

Includes the latest identifiers for the new iPhone and Apple Watch models
Reposted by Christian Peter
The big v1.0 release of #UFADE is here, thanks as always to @zamomin.bsky.social for provided an awesome tool github.com/prosch88/UFA...
UFADE 0.9.8 is out now! (github.com/prosch88/UFA...)

- Unified Logs are now included in the PRFS Backup
- Device info is now shown in recovery or DFU mode
- An issue with mounting DDIs on older devices was solved
- improved decryption error handling

#UFADE
#dfir
#forensics
#iOS
Just tried to get some sort of "dark mode" with the latest Autopsy.
If you want to try: add "--laf com.formdev.flatlaf.FlatDarkLaf" to the "default_options" line in AppData\Roaming\autopsy\etc\autopsy.conf
The "Logical Files" source screen isn't showing. Aside from that it's working great!

#dfir
If you want to collect Unified Logs from an Apple Homepod (1. Gen), you can use UFADE to do so. I was able to connect the device with a 3D printed adapter on macOS and Windows.

#UFADE
#forensics
#ios
#dfir
Has everyone recovered from the 18.1 update?
Good, because iOS 18.2 brings a new security feature.
With stolen device protection activated, pairing with PCs in not trusted locations is prevented.

Better try to deactivate this Feature while still in the trusted location.

#ios
#dfir
#forensics
Yes. I used an iBus Adapter (MaAnt AWBT) and triggered the sysdiagnose creation with my UFADE tool.
Did you know that you can find references to a user's other devices in the sysdignose archive of an Apple Watch?

Look at these entries in "otctl_status.txt" for serial numbers and "logs/Bluetooth/CoreCapture/bluetooth_status.txt" for the names of the devices the watch is paired to.

#dfir
#apple
With the latest version of UFADE you are able to capture live syslogs from iOS devices. In addition, the logging features are now compiled in a separate submenu.
Furthermore, the compatibility with legacy devices has been increased (e.g. Ipad 1)

github.com/prosch88/UFA...

#UFADE
#forensics
#ios