Category: iOS

Android SecurityARMBinary AnalysisDynamic AnalysisiOSiOS SecurityMalware AnalysisMobile SecurityMobile Security FrameworkMobSFNEW TOOLSStatic AnalysisWindows Mobile Security

MobSF (Mobile Security Framework) v1.0 – Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD…

Command LineiOSJailbreakJSONMobile Application Testing ToolkitNEW TOOLSPasscodePentestersScrounger

Scrounger – Mobile Application Testing Toolkit

Scrounger - a person who borrows from or lives off others.There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's vulnerabilities.WhyEven though several other mobile application analysis tools have been developed, there is no one tool that can be used for both android and ios and can be called a "standard" must use on every…

Brute-forceiOSiOSRestrictionBruteForceiTunesNEW TOOLSPasscode

iOSRestrictionBruteForce v2.1.0 – Crack iOS Restriction Passcodes With Python

This version of the application is written in Python, which is used to crack the restriction passcode of an iPhone/iPad takes advantage of a flaw in unencrypted backups allowing the hash and salt to be discovered.DEPENDENCIESThis has been tested with Python 2.7 and Python 3.6Requires Passlib Install with pip install passlibUsageusage: [-h] [-a] [-c] [-b folder] [-t]a script to crack the restriction passcode of an iDeviceoptional arguments:-h, --help show this help message and exit-a, --automatically automatically finds and cracks hashes-c, --cli prompts user…

DamniGoatiOSJailbreakNEW TOOLSOWASP iGoatOWASP iGoat (Swift)

OWASP iGoat (Swift) – A Damn Vulnerable Swift Application For iOS

This is a Swift version of original iGoat Objective C project. Using OWASP iGoat, you can learn exploiting and defending vulnerabilities in iOS Swift applications. Developed using Swif 4 and Ruby iGoat (Objective C) was presented at:OWASP TOP 10 Mobile Reverse EngineeringRuntime AnalysisData Protection (Rest)Data Protection (Transit)Key ManagementTamperingInjection FlawsBroken CryptographyMemory ManagementURL Scheme AttackSocial EngineeringSSL PinningAuthenticationJailbreak DetectionSide Channel Data LeaksCloud MisconfigurationCrypto ChallengesDocumentation: iGoat WikiiGoat Quick Setup git clone open iGoat-Swift.xcodeproj with xcode.Setup iGoat Server Navigate to server > docker_packaging and then user command docker compose up Using Cydia…