This repository collects materials on iOS application security: articles, research, analysis tools, and useful libraries and tools for securing applications. Most of this material comes from the Mobile AppSec World Telegram channel and its subscribers. The repository is regularly updated and extended with new materials.
- bagbak
- PassionFruit
- GrapeFruit
- IOS Security Suite
- Blocking Jailbreak Detection Tweaks
- NetworkSniffer - NetworkSniffer will log ALL traffic for any iOS application. This includes WKWebView and UIWebView.
- Ghidra iOS kernelcache framework for reverse engineering
- frida-ios-dump
- dumpdecrypted
- Yet Another Code Decrypter
- xpcspy - Bidirectional XPC message interception and more
- checkra1n jailbreak
- Frida
- Objection - mobile exploration toolkit by Frida
- Bfinject
- iFunbox
- Libimobiledevice - library to communicate with the services of Apple iOS devices
- iRET (iOS Reverse Engineering Toolkit) - includes oTool, dumpDecrypted, SQLite, Theos, Keychain_dumper, Plutil
- Burp Suite
- Cycript
- iLEAPP - iOS Logs, Events, And Preferences Parser
- Cutter - Free and Open Source RE Platform powered by radare2
- decrypt0r - automatically download and decrypt SecureRom stuff
- Mobile-Security-Framework MobSF
- Runtime Mobile Security (RMS) - a powerful web interface that helps you manipulate Android and iOS apps at runtime
- fridax
- MOBEXLER
- Generate Malformed QRCodes
- Tool for Injecting Malicious Payloads Into Barcodes
- AFL - american fuzzy lop
- Setup for i0S and Android Application Analysis - a cheatsheet for installing the tools required for iOS and Android application pentesting
- AES Killer (Burpsuite Plugin)
- ReFlutter
- Lief
- Mobile Verification Toolkit
- Hack for SpringBoard to prevent kill process
- EllipticCurveKeyPair - Sign, verify, encrypt and decrypt using the Secure Enclave on iOS and MacOS.
- Myriam iOS
- ExploitMe Mobile iPhone Labs
- Owasp: iGoat
- Damn Vulnerable iOS App (DVIA)
- Damn Vulnerable iOS App (DVIA) v2
- OWASP: OMTG-Hacking-Playground
- Magnet Virtual Summit 2020 CTF (iOS)
- r2con2020 iOS Challenge 2
- iOS Application Vulnerabilities and how to find them
- Attacking iPhone XS Max
- Behind the Scenes of iOS Security
- Analyzing and Attacking Apple Kernel Drivers
- Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox
- Demystifying the Secure Enclave Processor
- HackPac Hacking Pointer Authentication in iOS User Space
- iOS 10 Kernel Heap Revisited
- Recreating An iOS 0-Day Jailbreak Out Of Apple's Security Updates
- Building Secure iOS Apps (you don’t have to learn it the hard way!)
- The Worst Mobile Apps
- Learn modding Unity apps and games with Frida
- Your flashlight can send SMS
- The iPhone boot process. Part 1: Boot ROM
- A guide to reversing an iOS application, using ExpressVPN as an example
- Hacking and injecting your own code into someone else's iOS application
- iOS application security: a beginner's guide
- Just for fun: How long iOS "lives" before a Jailbreak
- iOS Swift Anti-Jailbreak Bypass with Frida
- Gotta Catch 'Em All: Frida & jailbreak detection
- Beginning Frida: Learning Frida use on Linux and (just a bit on) Wintel and Android systems with Python and JavaScript (Frida. hooking, and other tools)
- Learn how to use Frida with Unity app
- iOS Write ups
- iOS Internals & Security Testing
- Hacking iOS Simulator with simctl and dynamic libraries
- Psychic Paper
- Stealing your SMS messages with iOS 0day
- Zero-day in Sign in with Apple
- Return of the ios sandbox escape: lightspeeds back in the race
- PIN Selection on Smartphones
- A survey of recent iOS kernel exploits
- Apple Two-Factor Authentication: SMS vs. Trusted Devices
- Intercepting Flutter traffic on iOS
- Snapchat detection on iOS
- Writing an iOS Kernel Exploit from Scratch
- The Four Ways to Deal with iPhone Backup Passwords
- Extracting and Decrypting iOS Keychain: Physical, Logical and Cloud Options Explored
- iOS Kernel Explotation - One Byte to rule them all
- Modern iOS Application Security
- Reverse Engineering iOS Mobile Apps
- KTRW: The journey to build a debuggable iPhone
- The One Weird Trick SecureROM Hates
- Tales of old: untethering iOS 11-Spoiler: Apple is bad at patching
- Messenger Hacking: Remotely Compromising an iPhone through iMessage
- Reverse Engineering the iOS Simulator’s SpringBoard
- Most usable tools for iOS penetration testing
- iOS-Security-Guides
- Trust in Apple's Secret Garden: Exploring & Reversing Apple's Continuity Protocol-Slides
- Apple Platform Security
- Mobile security, forensics & malware analysis with Santoku Linux
- Stealing local files using Safari Web Share API
- CVE-2020-9964 - An iOS infoleak
- Attack Secure Boot of SEP
- iOS 14 Forensics: What Has Changed Since iOS 13.7
- We Hacked Apple for 3 Months: Here’s What We Found
- Fun with XPC
- Bypass Facebook SSL Certificate Pinning for iOS
- Bypass Instagram SSL Certificate Pinning for iOS
- ASLR & the iOS Kernel — How virtual address spaces are randomised
- iOS/macOS penetration testing cheatsheet
- M1ssing Register Access Controls Leak EL0 State
- Jailbroken iOS can't run macOS apps. I spent a week to find out why.
- Quick Analysis for the SSID Format String Bug
- Unpatched iPhone Bug Allows Remote Device Takeover
- Reverse Engineering Starling Bank
- ProtonMail : forensic decryption of iOS App
- iOS on QEMU
- Proxying is not the only way to monitor network traffic on your iOS mobile apps
- Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition
- Malware uses Corporate MDM as attack vector
- Mobexler Checklist
- Ad Fraud Spotted in Barcode Reader Malware Analysis
- Researching Confide Messenger Encryption
- Reverse Engineering Snapchat (Part I): Obfuscation Techniques
- Reverse Engineering Snapchat (Part II): Deobfuscating the Undeobfuscatable
- Firebase Cloud Messaging Service Takeover
- Saying Goodbye to my Favorite 5 Minute P1
- Reverse engineering Flutter apps (Part 1)
- How I Hacked facebook Again!
- Instagram_RCE: Code Execution Vulnerability in Instagram App for Android and iOS
- How to use Ghidra to Reverse Engineer Mobile Application
- React Native Application Static Analysis
- Pentesting Non-Proxy Aware Mobile Applications Without Root/Jailbreak
- CVE-2021-30737 - Vulnerability Overview
- Facebook BugBounty Writeups