Mobile device forensics & digital investigation

What we have done so far

PiRogue

We have published the version 16.2.y of Frida, this new package is available on our PPA for Debian 12 and can be installed by upgrading the PiRogue:

sudo apt update
sudo apt dist-upgrade

Friendly reminder

We strongly recommend to use the version 2.0.0 of PiRogue OS for Raspberry Pi which is based on Debian 12. This version is now the only one actively supported and maintained.

The current version of the OS can be found by running the following command on the PiRogue:

cat /etc/os-release | grep PRETTY_NAME

If the command does not return PRETTY_NAME="Debian GNU/Linux 12 (bookworm)", the latest version of PiRogue OS has to be installed, this guide explains how to setup a PiRogue. We suggest to use another SD-card than the one already used by the PiRogue. Once the latest image has be flashed on a new SD-card, simply replace the “old” SD-card by the new one.

Colander

Nothing noteworthy has been done this month.

Community and outreach

We attended the CiviCERT in-person meeting and we’ve received countless positive feedbacks on PTS.

The documentation of the whole project is available on our website.

We are grateful for the support of our community. To ensure the continued development and maintenance of this project, we have set up an Open Collective page.

We are hosting a beta version of Colander which is open to community members. Feel free to ask for an account.

What we plan to do next month

  • do some cleanup and maintenance chores
  • implement the optional support of friTap to improve the capture and the decryption of TLS traffic