A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third party libraries and configuration files. RequirementsPython 3 is required and you can find all required modules in the requirements.txt file. Only tested on Python 3.7 but should work on other 3.x releases. No […]
iOS security tips
Diaphora (διαφορά, Greek for ‘difference’) is a program diffing plugin for IDA, similar to Zynamics Bindiff or other FOSS counterparts like YaDiff, DarunGrim, TurboDiff, etc… It was released during SyScan 2015.It works with IDA 6.9 to 7.3. Support for Ghidra is in development. Support for Binary Ninja is also planned but will come after Ghidra’s […]
objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.Note: This is not some form of jailbreak / root bypass. By using objection, you are still limited by all of […]
iOS Debugging Tool Shake to hide or show the black bubble. (support both device and simulator) Long press the black bubble to show UIDebuggingInformationOverlay. (Apple’s Private API, support iOS 10/11/12) Application memory usage and FPS. List all print() and NSLog() messages which have been written by developer in Xcode. (optional) List of all the network […]
A new Mac security service called GamePlan uses a system’s own indicators, and some videogame magic, to keep a lookout….
Google’s Project Zero researchers find a potentially powerful privilege escalation trick in how Macs manage memory….