MEAT – This Toolkit Aims To Help Forensicators Perform Different Kinds Of Acquisitions On iOS Devices

M.E.A.T. – Mobile Evidence Acquisition Toolkit Meet M.E.A.T! From Jack Farley – BlackStone Discovery This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices (and Android in the future). Requirements to run from source Windows or Linux Python 3.7.4 or 3.7.2 Pip packages seen in requirements.txt Types of Acquisitions Supported iOSRead More

Ghidra_Kernelcache – A Ghidra Framework For iOS Kernelcache Reverse Engineering

This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in the kernel and have automated most of the things I really wanted to see in Ghidra to speed up the process of reversing, and this proven to be effective and saves a lot of time.Read More

Xnuspy – An iOS Kernel Function Hooking Framework For Checkra1N’Able Devices

Output from the kernel log after compiling and running example/open1_hook.c xnuspy is a pongoOS module which installs a new system call, xnuspy_ctl, allowing you to hook kernel functions from userspace. It supports iOS 13.x and 14.x on checkra1n 0.12.2 and up. 4K devices are not supported. Requires libusb: brew install libusb Building Run make inRead More

ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS

ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS’s Bluetooth daemon bluetoothd and to analyze various Bluetooth protocols on iOS. As it is built using FRIDA, it can be adapted to target any platform that runs FRIDA. This repository also includes an over-the-air fuzzer with an exemplary implementation toRead More

MEDUZA – A More Or Less Universal SSL Unpinning Tool For iOS

[*] “MEDUZA” (“медуза”) means “jellyfish” in Ukrainian What is MEDUZA? It’s a Frida-based tool, my replacement for SSLKillSwitch. I created it for in-house use, but then decided to opensource it. TBH, I hate open source, but the world is full of compromises… 🙁 How does it work? It’s simple. First time, you run an appRead More

Iblessing – An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis

[*] [***] iblessing iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract, including metadata, deeplinks, urls, etc. Mach-O parser and dyld symbol bind simulator Objective-CRead More

Arcane – A Simple Script Designed To Backdoor iOS Packages (Iphone-Arm) And Create The Necessary Resources For APT Repositories

Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessar y resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device.How Arcane works…To understand what’s happening in the GIF, decompressRead More

Mouse Framework – An iOS And macOS Post Exploitation Surveillance Framework That Gives You A Command Line Session With Extra Functionality Between You And A Target Machine Using Only A Simple Mouse Payload

About Mouse Framework Mouse Framework is an iOS and macOS post exploitation surveillance framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shellRead More

X