Tool |
Link |
Description |
Mallory Proxy |
http://intrepidusgroup.com/insight/mallory/ |
Proxy for Binary protocols |
Charles/burp Proxy |
http://www.charlesproxy.com/; http://www.portswigger.net/burp/ |
Proxy for HTTP and HTTPS |
OpenSSH |
http://www.openssh.com/ |
Connect to the IPhone remotely over SSH |
Sqlite3 |
http://www.sqlite.org/ |
Sqlite Database Client |
GNU Debugger |
http://www.gnu.org/software/gdb/ |
For run time analysis & Reverse engineering |
Syslogd |
https://developer.apple.com/library/mac/#documentation/darwin/reference/manpages/man8/syslogd.8.html |
View IPhone Logs |
Tcpdump |
http://www.tcpdump.org/ |
Capture network traffic on phone |
Otool |
http://developer.apple.com/library/mac/#documentation/darwin/reference/manpages/man1/otool.1.html |
Odcctools:otool–object File Displaying tool |
Cycript |
http://www.cycript.org/ |
A language designed to interact with OBJECTIVE-C classes |
SSL Kill Switch |
Https://github.com/iSECPartners/ios-ssl-kill-switch |
Blackbox tool to disable SSL Certificate validation-including certificate pinning in Nsurl |
Plutil |
http://scw.us/iPhone/plutil/ |
To view Plist files |
Nm |
|
Analysis tool to display the symbol table, which includes names of functions and methods, as well as their load addresses. |
Sysctl |
https://developer.apple.com/library/mac/#documentation/darwin/reference/manpages/man8/sysctl.8.html |
A utility to read and change kernel state variables |
Dump_keychain |
Https://github.com/emonti/iOS_app_re_tools |
A utility to dump the keychain |
Filemon |
Http://www.newosxbook.com/files/filemon.iOS |
Monitor Realtime IOS File system |
Filedp |
http://www.securitylearn.net/2012/10/18/extracting-data-protection-class-from-files-on-ios/ |
Audits data protection of files |
Binarycookiereader |
http://securitylearn.net/wp-content/uploads/tools/iOS/BinaryCookieReader.py |
Read cookies.binarycookies Files |
Lsof ARM Binary |
Https://github.com/u35tpus/iosrep/tree/master/lsof |
List of all open files and the processes that opened them |
Lsock ARM Binary |
Http://www.newosxbook.com/index.php?page=downloads |
Monitor socket connections |
Ponydebugger injected |
https://github.com/dtrukr/PonyDebuggerInjected |
Injected via CYCRIPT to enable remote debugging |
Weak Class Dump |
Https://raw.github.com/limneos/weak_classdump/master/weak_classdump.cy |
Injected via Cycript to do class-dump (if you cant un-encrypt the binary) |
TrustMe |
Https://github.com/intrepidusgroup/trustme |
Lower level tool to disable SSL Certificate validation-including certificate pinning (for everything else but Nsurl) |
MAC robber |
http://www.sleuthkit.org/mac-robber/download.php |
C Code, Forensic tool for imaging filesystems and producing a timeline |
Usbmux Proxy |
Https://github.com/st3fan/usbmux-proxy |
Command line tool to connect local TCP port sto ports on a iPhone or iPod Touch device over USB. |
IFunBox |
http://www.i-funbox.com/ |
Filesystem access (no jailbreak needed), Usbmux tunneler,. IPA installer |
Inalyzer |
https://appsec-labs.com/iNalyzer/ |
IOS Penetration Testing Framework |
Removepie |
Https://github.com/peterfillmore/removePIE |
Disables ASLR of an application |
Snoop-it |
https://code.google.com/p/snoop-it/ |
A tool to assist security assessments and dynamic analysis of IOS Apps, includes runtime views of obj-c classes and method s, and options to modify those values |
Idb |
Https://github.com/dmayer/idb |
A GUI (and cmdline) tool to simplify some common tasks for IOS pentesting and. |
Damn Vulnerable IOS Application |
http://damnvulnerableiosapp.com/ |
A purposefully vulnerable iOS application for Learning iOS application assessment skills. |
Introspy |
Https://github.com/iSECPartners/Introspy-iOS |
A Security Profiling tool revolved around hooking security based IOS APIs and logging their output for security analysis |