Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps.
A tool to simplify some common tasks for iOS app security assessments and research. It is open-source under the MIT license, hosted on Github, and developed by Daniel Mayer.
Helps developers encrypt app data, prompt for passwords, prevent app tampering, and enforce enterprise policies on iOS devices.
AppSec Labs iNalyzer is a framework for manipulating iOS applications, tampering with parameters and methods; no sources needed! AppSec Labs iNalyzer targets closed applications, turning a painful Black Box into an automatic Gray-Box effort. AppSec Labs iNalyzer Automates your testing effort as it exposes the internal logic of your target iOS application and the correlation between hidden functionalities. The AppSec Labs iNalyzer allows you to use your daily web-based pen-testing tools such as scanners, proxies etc. AppSec Labs iNalyzer maintains the attack logic and forwards it onto the targeted iOS application. No more manual BruteForce, Fuzzing, SQL injection and other tedious manual work.
A reverse engineering framework for reverse engineering and dynamic analysis of iOS applications.
Snoop-it is a tool to assist dynamic analysis and blackbox security assessments of mobile apps by retrofitting existing apps with debugging and runtime tracing capabilities. Snoop-it allows on-the-fly manipulations of arbitrary iOS apps with an easy-to-use graphical user interface. Thus, bypassing client-side restrictions or unlocking additional features and premium content of apps is going to be a child’s play.
A major priority of the OWASP Mobile Security Project is to help standardize and disseminate mobile application testing methodologies. While specific techniques exist for individual platforms, a general mobile threat model can be used to assist test teams in creating a mobile security testing methodology for any platform. The outline which follows describes a general mobile application testing methodology which can be tailored to meet the security tester’s needs. It is high level in some places, and over time will be customized on a per-platform basis.
This guide is targeted towards application developers and security testers. Developers can leverage this guide to ensure that they are not introducing the security flaws described within the guide. Security testers can use it as a reference guide to ensure that they are adequately assessing the mobile application attack surface. The ideal mobile assessment combines dynamic analysis, static analysis, and forensic analysis to ensure that the majority of the mobile application attack surface is covered.
On some platforms, it may be necessary to have root user or elevated privileges in order to perform all of the the required analysis on devices during testing. Many applications write information to areas that cannot be accessed without a higher level of access than the standard shell or application user generally has. For steps that generally require elevated privileges, it will be stated that this is the case.
This guide is broken up into three sections:
- Information Gathering- describes the steps and things to consider when you are in the early stage reconnaissance and mapping phases of testing as well as determining the application’s magnitude of effort and scoping.
- Static Analysis– Analyzing raw mobile source code, decompiled or disassembled code.
- Dynamic Analysis – executing an application either on the device itself or within a simulator/emulator and interacting with the remote services with which the application communicates. This includes assessing the application’s local interprocess communication surface, forensic analysis of the local filesystem, and assessing remote service dependencies.
Here are some iOS reference pages from the OWASP Mobile Security Project: