Avilla Forensics is a free mobile forensics tool designed for data extraction and analysis. Here’s a detailed report on the features and functionalities of the Avilla Forensics 3.6 release:

Overview:

License: Avilla Forensics is released under the GNU General Public License (GPL) version 3.
Recognition: The tool has achieved international recognition by winning the first place in the Forensics 4:Cast awards in the non-commercial tool category, as announced at the SANS Institute event.

Features and Functionalities:

Mobile Forensics Capabilities:

Backup ADB:

Allows for Android default backup.

APK Downgrade:

Downgrades 15 popular apps, including WhatsApp, Telegram, Messenger, and others.

Parser Chats WhatsApp:

Parses WhatsApp chats, including support for both old and new database schema.
Transcription of WhatsApp .opus audio files with an HTML parser.

Miscellaneous ADB Collections:

Gathers various ADB collections, including system properties, dumpsys, geolocation, IMEI, and more.

Tracking, Downloading, and Decrypting WhatsApp .ENC Files:

Provides the ability to track, download, and decrypt WhatsApp .ENC files.

Contact List Search:

Searches and retrieves contact lists, avatar photos, and deleted WhatsApp contacts.

Decrypting WhatsApp Databases Crypt 14/15:

Decrypts WhatsApp databases with Crypt 14 and Crypt 15 encryption.

Screenshots, Screen DUMP, and Chat Capture:

Captures screenshots, screen dumps, and chat conversations.

Automatic Integration with Other Tools:

Integrates with IPED, AFLogical, Alias Connector, MVT, JADX, and WhatsApp Viewer

Conversion and Processing:
Converts .AB to .TAR.
Fast scan and real-time transfer of files.
Image Finder with hash, metadata, and geolocation capabilities.
Device Manipulation:
Installs and uninstalls APKs via ADB.
Device mirroring functionality.
Instagram Data Scraping:
Scrapes data from Instagram.
Hash Calculator:
Calculates various file hashes (SHA-256, SHA-1, SHA-384, SHA-512, SHA-MD5).
Android Folder Browser (PULL and PUSH):
Allows browsing and transferring of files and folders.
Merge WhatsApp Databases:
Merges multiple WhatsApp databases.

IOS Data Extraction Module:

Provides functionalities for iOS data extraction.

Tool Prerequisites:

Requires technical knowledge of forensics in mobile devices.
Minimal computer knowledge.
Device with DEBUG mode activated.
Windows 10/11 with proper updates.

Third-Party Tools:

Utilizes various third-party tools under different licenses, including Apache, GNU General Public License, MIT License, BSD License, and Freeware License.

Installation and Training:

Installation involves extracting the tool and installing required third-party tools like JAVA, Python, and others.

Training resources are available, including a course by the Academy of Digital Forensics and a manual with step-by-step instructions.

Download and Donation:

Avilla Forensics 3.6 is available for download from multiple sources with a file size of 2.53 GB.
Donations can be made via PIX

Technologies Used:

Avilla Forensics is developed using C#, Python, and Java.

Contacts:

Avilla Forensics 3.6

Improvement of the IOS extraction module.
Implementation of IOS real-time mirroring.
Looping Screenshots for IOS.
Improvement of the Whatsapp .enc media download and decryption module.
Display only hidden chats in Whatsapp Parser.
Search only for a specific phone number in whatsapp Parser.

Download Setup-Forensics-3-6.exe:

SIZE: 2.53 GB

Conclusion:

Avilla Forensics is a comprehensive and feature-rich tool for mobile forensics, offering a wide range of functionalities for both Android and iOS devices. The tool’s integration with various third-party tools enhances its capabilities, making it a valuable resource for digital forensics professionals. The availability of training resources and a dedicated community supports users in maximizing the tool’s potential for investigations.