shiham101/iOS

Most usable tools for iOS penetration testing

Apache-2.0

iOS/macOS penetration testing cheatsheet

Action	macOS	Linux	Win	iOS w/JB
`MobSF`	MobSF	MobSF	MobSF	---
`Plist view`	plutil or Xcode	`apt-get install libplist-utils`	Plist Viewer	plutil
`Frida`	Frida	Frida	Frida	---
`Awesome Frida`	Awesome Frida	---	---	Awesome Frida
`Objection`	Objection	Objection	Objection	Objection
`Needle`	Needle	Needle	---	---
`Keychain dumper`	Keychain dumper	---	---	Keychain dumper
`iOS URL Schemes`	iOS URL Schemes	---	---	iOS URL Schemes
`Debug Hacks`	Debug Hacks	---	---	---
`SandBox Dumper`	SandBox Dumper	---	---	---
`PassionFruit`	PassionFruit	PassionFruit	---	---
`iPhoneTunnel`	iPhoneTunnel	---	iPhoneTunnel	---
`iRET`	iRET	---	---	---
`idb`	idb	idb	---	---
`XSecurity`	XSecurity	---	---	---

macOS Quick Look plugin for iOS & OSX developers

https://github.com/ealeksandrov/ProvisionQL – Generate amazing preview for .ipa .app .appex .mobileprovision .provisionprofile

Static analyze

Project/App	Swift	Objective-c
Swift Lint	+	-

Jailbreak

Jailbreak check
Jailbreak Chart
Can I Jailbreak?
Jailbreak list

Repos
http://cydia.iphonecake.com
http://apt.saurik.com/
http://repo.nesolabs.de/
https://build.frida.re/
http://appsec-labs.com/cydia/
http://cydia.zodttd.com/repo/cydia/
http://mobiletools.mwrinfosecurity.com/cydia/
http://repo666.ultrasn0w.com/
http://apt.thebigboss.org/repofiles/cydia/
http://cydia.radare.org/
http://apt.modmyi.com/
http://coolstar.org/publicrepo/

AppSign / Rebuild / Resign / Inject / Useful tools

Download and decrypt

Tool	Description	Link
`iFunBox`	App	iFunBox
`Appdb`	Download&resign .ipa	Appdb
`iphonecake`	Download&resign .ipa	iphonecake
`4pda`	Download&resign .ipa	4pda
`iTunes w/app tab`	iTunes 12.6.3.6	Apple Support
`Download old version .ipa`	Manual how-to	Lifehacker

Extract data

Tool	Description	Link
`Rasticrac`	Jailbreak(+)	Rasticrac
`Clutch`	Jailbreak(+)	Clutch

All in one (Inject > Repack > Resign > Upload)

Tool	Description	Link
`IPA Patch`	Xcode Project	IPA Patch
`Resign`	Xcode Project	Regisn

Inject framework

Tool	Description	Link
`CydiaSubstrate`	Framework	Site & .deb file
`Reveal app`	Project	Reveal app
`JSPatch`	Framework	JSPatch
`FRAPL`	Framework	FRAPL
`Frida Gadget`	Framework	Frida Gadget
`Cycript`	Framework	Frida+Cycript & Site

Repack and resign binary

Tool	Description	Link
`Node Resign`	Xcode Project	Node Resign
`iOS App Signer`	Xcode Project	iOS App Signer
`AppAddict`	App	AppAddict

Upload and run on device

Tool	Description	Link
`iFunBox`	App	iFunBox
`Impactor`	App	Cydia Impactor
`IPA installer`	Xcode Project	IPA installer

Useful tools

Tool	Description	Link
`Runtime Headers`	Xcode Project	Runtime Headers
`SSL Killswitch 2`	Jailbreak(+)	SSL Killswitch 2
`Theos`	Project	Theos
`Dumpdecrypted`	Project	Dumpdecrypted
`BundleID`	Jailbreak(+)	BundleID
`IPSW`	Download Firmware	IPSW

Slides and articles and links

Name	Link
`Malware wellbeing on iOS devices`	Slides
`DVIA`	Homepage
`Dynamic analysis of iOS apps w/o Jailbreak`	Article En Article RU & Slides
`Ro(o)tten Apples Vulnerability Heaven in the iOS Sandbox`	Slides
`Light and Dark side of Code Instrumentation`	Slides
`Комбайны безопасности для iOS и Android`	Slides

Author: @ansjdnakjdnajkd

Do you want to add or fix? - Write to me or pull request!