AntiDarkSword v4.9.0

Final Release v4.9.0

• cleaned up settings descriptions

Compatibility Guide

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (A9 - A11)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.9

v4.8.9

Added sileo icons / banners / tabs

Compatibility Guide

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (A9 - A11)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.8

v4.8.8 (shake phone in credits section)

• Dynamic Header Banner: The preference bundle now automatically loads a Light Mode variant of the header banner (banner2.png) if available.
• Light Mode Mini-Games: Updated ADSJailTris and ADSPyEater to seamlessly blend with Light Mode by utilizing a dynamic color inversion filter, fixing the jarring hardcoded dark backgrounds.
• Refined Rule Strictness & Mitigations: Adjusted Level 1-3 defaults for Mail and Messaging apps. Emails now render normally at lower levels, while Level 3 strictly blocks remote content and risky attachments (including across app extensions). Additionally, ineffective media blocking rules were removed from Level 3 browser defaults.
• Smart Toggle Dependencies: Implemented intelligent dependencies between security features. For example, blocking JavaScript now automatically forces JIT blocking and remembers your previous state, preventing accidental configuration resets when toggling features back and forth.
• UI & Quality of Life Improvements: Updated interface terminology for clarity (changing "Disable" to "Block"), and updated the menu logic so app plugin settings now correctly gray out when the parent app's master rule is turned off.
• Enhanced Engine Detection: Added a GeckoView runtime fallback to improve detection for Firefox-based browsers.

4.8.1+

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (while* loading/opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• Added "App Plugins" mitigation section under their parent apps rules.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.
• The probe counter now fires only on explicit /usr/libexec/corelliumd path queries (hook_access, hook_stat, hook_lstat, NSFileManager -fileExistsAtPath:

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (A9 - A11)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.6

v4.8.6

• Bug Fix:

1. access("Frameworks/GeckoView.framework", F_OK) — catches the case where Mozilla restructures and embeds libmozglue inside the GeckoView bundle instead of at the top-level Frameworks/ dir.
2. strstr(name, "GeckoView") added to the runtime dyld fallback for the same reason.

4.8.X

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (while* loading/opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• Added "App Plugins" mitigation section under their parent apps rules.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.5

v4.8.5

• Bug Fix: AntiDarkSwordUI/Tweak.x — the Gecko early-exit now leads with a fileSystemRepresentation + access() check against Frameworks/libmozglue.dylib in the app bundle (timing-independent), with the original _dyld_image_count() scan retained as a fallback for the edge case where mozglue is loaded from outside the bundle. This closes the Roothide injection-timing hole that allowed the previous check to pass silently for Reynard.

4.8.X

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (while* loading/opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• Added "App Plugins" mitigation section under their parent apps rules.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.4

v4.8.4

• Bug Fix: Reynard browser crashing / conflicting - Added a _dyld_image_count() scan for "mozglue" in %ctor, before loadPrefs() and the WKContentRuleListStore call. If found, returns immediately. Gecko apps have no WKWebView attack surface to protect, so skipping them is both correct and necessary. The check covers all current and future Gecko-based browsers generically, not just Reynard by bundle ID.

4.8.X

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (while* loading/opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• Added "App Plugins" mitigation section under their parent apps rules.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.3

New in v4.8.3

• Bug fix (removed 4.8.2) - App Plugins now reflect current state / UI no longer stale assuming parental rule.

4.8.2+

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (while* loading/opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• Added "App Plugins" mitigation section under their parent apps rules.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.1

Bug Fix 4.8.1

The probe counter now fires only on explicit /usr/libexec/corelliumd path queries (hook_access, hook_stat, hook_lstat, NSFileManager -fileExistsAtPath:

New in 4.8.X

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (while* loading/opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.8.0

AntiDarkSword v4.8.0

What Changed

• Added 2 new (recommended) mitigations:
  • Block Remote Content - Blocks external resource loads
  • Block Risky Attachments Previews - HEIC/WebP/PDF preview suppression
• Added to UA injection gaurd (on opening an app, the real UA leaked, doesnt anymore)
• Added to the Corellium with uuidtext (for uuid checks).
• Added interception of notification extensions for iMessage / Mail.
• Added biometric check for TrollStore / TrollFools dylib overlay.
• The settings menu will no longer ask to reboot / respring unless the Protection Enabled toggle is on.

Components

Component	Enhancement
AntiDarkSwordUI/Tweak.x	WKContentRuleList remote-content blocker (parity with TF variant)
AntiDarkSwordUI/Tweak.x	NSE interception for iMessage/Mail notification extensions
AntiDarkSwordUI/Tweak.x + TF	blockRiskyAttachmentPreviews — HEIC/WebP/PDF preview suppression
AntiDarkSwordUI/Tweak.x	Generation-based UA injection guard (pref-reload-safe)
AntiDarkSwordDaemon/Tweak.x	Corellium getenv + kern.osversion + /var/db/uuidtext/ coverage
antidarkswordprefs/RootListController.m	CFPreferences direct-write + one-time migration
AntiDarkSwordTF/Tweak.x	Biometric gate for settings overlay (LAContext)

Compatibility

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)

AntiDarkSword v4.7.4

⛨ AntiDarkSword v4.7.4 (same as 4.7.0 / 4.7.3 but with ios 13-14 deb)

❖ Advanced Hardware Evasion: Deployed sysctl/sysctlbyname hooking. Queries for hw.model, hw.machine, and hw.cpusubtype now return a fabricated iPhone15,2 decoy profile.

❖ Dynamic Temporal Spoofing: Engineered per-process kern.boottime spoofing. Corellium stat hooks now generate realistic birth/ctime/mtime/atime timestamps mathematically derived from the fabricated boot time.

❖ Critical Stability Fixes: Resolved an unrecognized-selector crash on iOS 13 (allowsContentJavaScript property guard). Fixed TrollFools TOCTOU race conditions and main-queue assignment bugs for adsContentBlocker.

❖ Daemon Hardening: Implemented thread-local re-entrancy guards to prevent sysctl stack overflows. Added two-pass memory size validation to prevent buffer under-allocation.

❖ Hidden UX (Easter Eggs): Embedded fully playable Snake (ADSPyEater) and Tetris (ADSJailTris) SpriteKit mini-games into the Settings credits menu, complete with synthesizer SFX.

❖ iOS 13-14 Added below: iPhone X and older can use the legacy deb below, no need to compile on your own.

Note: If you installed v4.7.1 or v4.7.2 please uninstall / delete preference file / reboot / rejailbreak / install newest version. Github's Theos was building modern versions incorrectly (when I added legacy) and could cause you to need to disable tweaks before being able to re-jailbreak / uninstall after a reboot.

KNOWN ISSUE WITH THIS RELEASE: PROBE ATTACK COUNTER GOES TO LIKE 20 EVERY REBOOT, please disable till I update in next release

Compatibility Guide

File	For
*_iphoneos-arm64.deb	iOS 15+ Rootless (all models)
*_iphoneos-arm.deb	iOS 15+ Rootful (all models)
*_iphoneos-arm_legacy.deb	iOS 13–14 Rootful (arm64 only)
*_TrollFools.dylib	iOS 15+ TrollStore / TrollFools (all models)