Action | macOS | Linux | Win | iOS w/JB |
---|---|---|---|---|
MobSF |
MobSF | MobSF | MobSF | --- |
Plist view |
plutil or Xcode | apt-get install libplist-utils |
Plist Viewer | plutil |
Ghidra |
Ghidra | Ghidra | Ghidra | --- |
Frida |
Frida | Frida | Frida | --- |
Awesome Frida |
Awesome Frida | --- | --- | Awesome Frida |
Objection |
Objection | Objection | Objection | Objection |
Needle |
Needle | Needle | --- | --- |
Keychain dumper |
Keychain dumper | --- | --- | Keychain dumper |
iOS URL Schemes |
iOS URL Schemes | --- | --- | iOS URL Schemes |
Debug Hacks |
Debug Hacks | --- | --- | --- |
SandBox Dumper |
SandBox Dumper | --- | --- | --- |
PassionFruit |
PassionFruit | PassionFruit | --- | --- |
iPhoneTunnel |
iPhoneTunnel | --- | iPhoneTunnel | --- |
iRET |
iRET | --- | --- | --- |
idb |
idb | idb | --- | --- |
XSecurity |
XSecurity | --- | --- | --- |
https://github.com/ealeksandrov/ProvisionQL – Generate amazing preview for .ipa
.app
.appex
.mobileprovision
.provisionprofile
https://github.com/obfuscator-llvm/obfuscator/wiki – ollvm
Project/App | Swift | Objective-c |
---|---|---|
Swift Lint | + | - |
Jailbreak check |
---|
Jailbreak Chart |
Can I Jailbreak? |
Jailbreak list |
- Configure burp proxy on iOS device
– Visit [your_proxy_adress]:[proxy_port]/mobileassistant.deb
– Download file and install
- Via iFile
- Via ssh like `dpkg -i path/to/mobileassistant.deb
- Respring
- Launch Mobile Assistant
- Add app in bottom panel
- Turn-on switcher next to app
- Launch your app
- Congrats
More info here NB! in some cases you may face with lack of libraries, do not replace anything manually in iOS, it may lead to infinity loop)
Tool | Description | Link |
---|---|---|
iFunBox |
App | iFunBox |
Appdb |
Download&resign .ipa | Appdb |
iphonecake |
Download&resign .ipa | iphonecake |
4pda |
Download&resign .ipa | 4pda |
iTunes w/app tab |
iTunes 12.6.3.6 | Apple Support |
Download old version .ipa |
Manual how-to | Lifehacker |
Tool | Description | Link |
---|---|---|
Rasticrac |
Jailbreak(+) | Rasticrac |
Clutch |
Jailbreak(+) | Clutch |
bfinject |
Jailbreak(+), iOS 11-12 | bfinject |
Tool | Description | Link |
---|---|---|
IPA Patch |
Xcode Project | IPA Patch |
Resign |
Xcode Project | Regisn |
Tool | Description | Link |
---|---|---|
CydiaSubstrate |
Framework | Site & .deb file |
Reveal app |
Project | Reveal app |
JSPatch |
Framework | JSPatch |
FRAPL |
Framework | FRAPL |
Frida Gadget |
Framework | Frida Gadget |
Cycript |
Framework | Frida+Cycript & Site |
Tool | Description | Link |
---|---|---|
Node Resign |
Xcode Project | Node Resign |
iOS App Signer |
Xcode Project | iOS App Signer |
AppAddict |
App | AppAddict |
Tool | Description | Link |
---|---|---|
iFunBox |
App | iFunBox |
Impactor |
App | Cydia Impactor |
IPA installer |
Xcode Project | IPA installer |
Tool | Description | Link |
---|---|---|
Runtime Headers |
Xcode Project | Runtime Headers |
SSL Killswitch 2 |
Jailbreak(+) | SSL Killswitch 2 |
Theos |
Project | Theos |
Dumpdecrypted |
Project | Dumpdecrypted |
BundleID |
Jailbreak(+) | BundleID |
IPSW |
Download Firmware | IPSW |
Name | Link |
---|---|
Malware wellbeing on iOS devices |
Slides |
DVIA |
Homepage |
iGoat-Swift |
Homepage |
iOS-CTF |
Homepage |
Dynamic analysis of iOS apps w/o Jailbreak |
Article En Article RU & Slides |
Ro(o)tten Apples Vulnerability Heaven in the iOS Sandbox |
Slides |
Light and Dark side of Code Instrumentation |
Slides |
Комбайны безопасности для iOS и Android |
Slides |
Author: @ansjdnakjdnajkd
Do you want to add or fix? - Write to me or pull request!