iOS

by ansjdnakjdnajkd


Most usable tools for iOS penetration testing

499 Stars 112 Forks Last release: Not found Apache License 2.0 19 Commits 0 Releases


iOS/macOS penetration testing cheatsheet

| Action | macOS | Linux | Win | iOS w/JB |
| --- | --- | --- | --- | --- |
| MobSF | MobSF | MobSF | MobSF | --- |
| Plist view | plutil or Xcode | `apt-get install libplist-utils` | Plist Viewer | plutil |
| Ghidra | Ghidra | Ghidra | Ghidra | --- |
| Frida | Frida | Frida | Frida | --- |
| Awesome Frida | Awesome Frida | --- | --- | Awesome Frida |
| Objection | Objection | Objection | Objection | Objection |
| Needle | Needle | Needle | --- | --- |
| Keychain dumper | Keychain dumper | --- | --- | Keychain dumper |
| iOS URL Schemes | iOS URL Schemes | --- | --- | iOS URL Schemes |
| Debug Hacks | Debug Hacks | --- | --- | --- |
| SandBox Dumper | SandBox Dumper | --- | --- | --- |
| PassionFruit | PassionFruit | PassionFruit | --- | --- |
| iPhoneTunnel | iPhoneTunnel | --- | iPhoneTunnel | --- |
| iRET | iRET | --- | --- | --- |
| idb | idb | idb | --- | --- |
| XSecurity | XSecurity | --- | --- | --- |

macOS Quick Look plugin for iOS & OSX developers

https://github.com/ealeksandrov/ProvisionQL – Generate amazing preview for `.ipa`, `.app`, `.appex`, `.mobileprovision` and `.provisionprofile` files

iOS / macOS obfuscation

https://github.com/obfuscator-llvm/obfuscator/wiki – ollvm

Static analysis

| Project/App | Swift | Objective-C |
| --- | --- | --- |
| Swift Lint | + | - |

Jailbreak

| Jailbreak check |
| --- |
| Jailbreak Chart |
| Can I Jailbreak? |
| Jailbreak list |

| Repos |
| --- |
| http://cydia.iphonecake.com |
| http://apt.saurik.com/ |
| http://repo.nesolabs.de/ |
| https://build.frida.re/ |
| http://appsec-labs.com/cydia/ |
| http://cydia.zodttd.com/repo/cydia/ |
| http://mobiletools.mwrinfosecurity.com/cydia/ |
| http://repo666.ultrasn0w.com/ |
| http://apt.thebigboss.org/repofiles/cydia/ |
| http://cydia.radare.org/ |
| http://apt.modmyi.com/ |
| http://coolstar.org/publicrepo/ |
| http://getdelta.co/ < Flex3 working |
| http://julioverne.github.io/ |
| http://brunonfl.github.io/ |
| http://apt.bingner.com/ |
| http://repo.dynastic.co/ |
| http://mcapollo.github.io/Public/ |
| http://apt.hackcn.net/ |
| http://repo.chariz.io/ |
| http://cydia.ichitaso.com/ |
| https://level3tjg.github.io < bfdecrypt (iOS 11/iOS 12) |
| http://ryleyangus.com/repo < Liberty Lite (beta) for JB bypass |

Little h4ck for SSL pinning bypass (helps in some cases when SSL Kill Switch is useless)

  • Configure Burp proxy on iOS device
  • Visit [yourproxyaddress]:[proxy_port]/mobileassistant.deb
  • Download file and install
    • Via iFile
    • Via ssh like `dpkg -i path/to/mobileassistant.deb`
  • Respring
  • Launch Mobile Assistant
  • Add app in bottom panel
  • Turn-on switcher next to app
  • Launch your app
  • Congrats

More info here. NB! In some cases you may run into missing libraries. Do not replace anything manually in iOS, as it may lead to an infinite loop.

AppSign / Rebuild / Resign / Inject / Useful tools

Schema

Download and decrypt

| Tool | Description | Link |
| --- | --- | --- |
| iFunBox | App | iFunBox |
| Appdb | Download & resign .ipa | Appdb |
| iphonecake | Download & resign .ipa | iphonecake |
| 4pda | Download & resign .ipa | 4pda |
| iTunes w/app tab | iTunes 12.6.3.6 | Apple Support |
| Download old version .ipa | Manual how-to | Lifehacker |

Extract data

| Tool | Description | Link |
| --- | --- | --- |
| Rasticrac | Jailbreak(+) | Rasticrac |
| Clutch | Jailbreak(+) | Clutch |
| bfinject | Jailbreak(+), iOS 11-12 | bfinject |

All in one (Inject > Repack > Resign > Upload)

| Tool | Description | Link |
| --- | --- | --- |
| IPA Patch | Xcode Project | IPA Patch |
| Resign | Xcode Project | Resign |

Inject framework

| Tool | Description | Link |
| --- | --- | --- |
| CydiaSubstrate | Framework | Site & .deb file |
| Reveal app | Project | Reveal app |
| JSPatch | Framework | JSPatch |
| FRAPL | Framework | FRAPL |
| Frida Gadget | Framework | Frida Gadget |
| Cycript | Framework | Frida+Cycript & Site |

Repack and resign binary

| Tool | Description | Link |
| --- | --- | --- |
| Node Resign | Xcode Project | Node Resign |
| iOS App Signer | Xcode Project | iOS App Signer |
| AppAddict | App | AppAddict |

Upload and run on device

| Tool | Description | Link |
| --- | --- | --- |
| iFunBox | App | iFunBox |
| Impactor | App | Cydia Impactor |
| IPA installer | Xcode Project | IPA installer |

Useful tools

| Tool | Description | Link |
| --- | --- | --- |
| Runtime Headers | Xcode Project | Runtime Headers |
| SSL Killswitch 2 | Jailbreak(+) | SSL Killswitch 2 |
| Theos | Project | Theos |
| Dumpdecrypted | Project | Dumpdecrypted |
| BundleID | Jailbreak(+) | BundleID |
| IPSW | Download Firmware | IPSW |

Slides, articles and links

| Name | Link |
| --- | --- |
| Malware wellbeing on iOS devices | Slides |
| DVIA | Homepage |
| Dynamic analysis of iOS apps w/o Jailbreak | Article EN, Article RU & Slides |
| Ro(o)tten Apples Vulnerability Heaven in the iOS Sandbox | Slides |
| Light and Dark side of Code Instrumentation | Slides |
| All-in-one security tools for iOS and Android (Комбайны безопасности для iOS и Android) | Slides |

Author: @ansjdnakjdnajkd

Want to add or fix something? Write to me or open a pull request!
