Mobile Devices

• Full file system and keychain extractions from devices running iOS versions 14.0 through 16.1.2. This method involves installing an agent app directly onto the device, providing deeper access than standard backups.
• iTunes backup – This universal backup methodology can be encrypted for maximum data collection. Computer trust must be enabled.
• Checkm8 – This exploit allows for the Checkra1n full file system extraction of multiple devices spanning iOS versions 12.4 through 16.0. This method requires device access and “jailbreaking” the iOS operating system.

Locked Android Devices

• Utilize exploits to conduct physical device extractions against locked devices.
• MediaTek, UNISOC, Qualcomm, and others.
• Utilize technology to brute-force passwords and lock codes to acquire encrypted data.
• Samsung Exynos, Huawei Kirin, Sony, and others.

Unlocked Android Devices

• Physical device extraction – based on chipset.
• Full File System extraction – based on exploits.
• Application Downgrade extraction – based on application version support.
• Android Agent extraction – selective logical and 3rd party application data capture.

Enterprise-Grade Tools

• Unisoc / Spreadtrum Feature Phone.
• UICC – extraction of file system from SIM Card.
• DJI Drone – extraction of physical image.
• Memory Card – extraction of physical image.
• MTP – extraction of file system from devices using MTP protocol.
• MTK Feature phone – extraction of physical image from non-smartphone devices.
• KaiOS – extraction of physical image based on Qualcomm chipset.