M.E.A.T. – Mobile Evidence Acquisition Toolkit Meet M.E.A.T! From Jack Farley – BlackStone Discovery This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices (and Android in the future). Requirements to run from source Windows or Linux Python 3.7.4 or 3.7.2 Pip packages seen in requirements.txt Types of Acquisitions Supported iOSRead More
This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in the kernel and have automated most of the things I really wanted to see in Ghidra to speed up the process of reversing, and this proven to be effective and saves a lot of time.Read More
Output from the kernel log after compiling and running example/open1_hook.c xnuspy is a pongoOS module which installs a new system call, xnuspy_ctl, allowing you to hook kernel functions from userspace. It supports iOS 13.x and 14.x on checkra1n 0.12.2 and up. 4K devices are not supported. Requires libusb: brew install libusb Building Run make inRead More
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS’s Bluetooth daemon bluetoothd and to analyze various Bluetooth protocols on iOS. As it is built using FRIDA, it can be adapted to target any platform that runs FRIDA. This repository also includes an over-the-air fuzzer with an exemplary implementation toRead More
A project to get a Linux shell running on iOS, using usermode x86 emulation and syscall translation. For the current status of the project, check the issues tab, and the commit logs. App Store page TestFlight beta Discord server Wiki with help and tutorials README in Chinese (may be out of date, if so sendRead More
[*] “MEDUZA” (“медуза”) means “jellyfish” in Ukrainian What is MEDUZA? It’s a Frida-based tool, my replacement for SSLKillSwitch. I created it for in-house use, but then decided to opensource it. TBH, I hate open source, but the world is full of compromises… 🙁 How does it work? It’s simple. First time, you run an appRead More
[*] [***] iblessing iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract, including metadata, deeplinks, urls, etc. Mach-O parser and dyld symbol bind simulator Objective-CRead More
Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessar y resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device.How Arcane works…To understand what’s happening in the GIF, decompressRead More
About Mouse Framework Mouse Framework is an iOS and macOS post exploitation surveillance framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shellRead More
