Awesome

Awesome iOS Security <a href="https://github.com/Cy-clon3/awesome-ios-security/"><img src="https://awesome.re/badge.svg" alt="Awesome"></a>

<img src="https://upload.wikimedia.org/wikipedia/commons/thumb/1/1b/Apple_logo_grey.svg/30px-Apple_logo_grey.svg.png" width="16"> A curated list of awesome iOS application security resources.

A collection of awesome tools, books, courses, blog posts, and cool stuff about iOS Application Security and Penetration Testing.

Tools
Tweaks
Frida Scripts
Courses
Books
Sessions & Workshops
Articles & Tutorials
Checklists & Cheatsheets
Labs
CTF
Writeups
Misc

Tools

Reverse Engineering Tools

Hopper - A reverse engineering tool that will assist you in your static analysis of executable files.
Ghidra - A software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
Radare2 - UNIX-like reverse engineering framework and command-line toolset.
Cutter - Free and Open Source Reverse Engineering Platform powered by rizin.
frida-ios-dump - A tool to pull a decrypted IPA from a jailbroken device.
bagbak - Yet another frida based App decryptor. Requires jailbroken iOS device and frida.re.
flexdecrypt - An iOS App & Mach-O binary decryptor.
bfdecrypt - Utility to decrypt App Store apps on jailbroken iOS 11.x.
bfinject - Easy dylib injection for jailbroken 64-bit iOS 11.0 - 11.1.2. Compatible with Electra and LiberiOS jailbreaks.
r2flutch - Yet another tool to decrypt iOS apps using r2frida.
Clutch - A high-speed iOS decryption tool.
dsdump - An improved nm + objc/swift class-dump tool.
class-dump - A command-line utility for examining the Objective-C segment of Mach-O files.
SwiftDump - A command-line tool for retriving the Swift Object info from Mach-O file.
jtool - An app inspector, disassembler, and signing utility for the macOS, iOS.
Sideloadly - An app to sideload your favorite games and apps to Jailbroken & Non-Jailbroken iOS devices.
Cydia Impactor - A GUI tool for sideloading iOS application.
AltStore - Allows to sideload other apps (.ipa files) onto iOS device.
iOS App Signer - An app for macOS that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.

Static Analysis Tools

iLEAPP - An iOS Logs, Events, And Plist Parser.
Keychain Dumper - A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken.
BinaryCookieReader - A tool to read the binarycookie format of Cookies on iOS applications.
PList Viewer - Gtk application to view property list files.
XMachOViewer - A Mach-O viewer for Windows, Linux and macOS.
MachO-Explorer - A graphical Mach-O viewer for macOS. Powered by Mach-O Kit.
iFunbox - A general file management software for iPhone and other Apple products.
3uTools - An All-in-One management software for iOS devices.
iTools - An All-in-One solution for iOS devices management.

Dynamic Analysis Tools

Corellium - The only platform offering ARM-based mobile device virtualization using a custom-built hypervisor for real-world accuracy and high performance.
Frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
frida-gum - Cross-platform instrumentation and introspection library written in C.
Fridax - Fridax enables you to read variables and intercept/hook functions in Xamarin/Mono JIT and AOT compiled iOS/Android applications.
r2frida - Radare2 and Frida better together.
r2ghidra - An integration of the Ghidra decompiler for radare2.
iproxy - A utility allows binding local TCP ports so that a connection to one (or more) of the local ports will be forwarded to the specified port (or ports) on a usbmux device.
itunnel - Use to forward SSH via USB.
objection - A runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak.
Grapefruit - Runtime Application Instruments for iOS.
Passionfruit - Simple iOS app blackbox assessment tool, powered by frida 12.x and vuejs.
Runtime Mobile Security (RMS) - Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime.
membuddy - Dynamic memory analysis & visualisation tool for security researchers.
unidbg - Allows you to emulate an Android ARM32 and/or ARM64 native library, and an experimental iOS emulation.
Qiling - An advanced binary emulation framework.
fishhook - A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
Dwarf - Full featured multi arch/os debugger built on top of PyQt5 and frida.
FridaHookSwiftAlamofire - A frida tool that capture GET/POST HTTP requests of iOS Swift library 'Alamofire' and disable SSL Pinning.
ios-deploy - Install and debug iOS apps from the command line. Designed to work on un-jailbroken devices.
aah - Run iOS arm64 binaries on x86_64 macOS, with varying degrees of success.
LLDB - A next generation, high-performance debugger.
mitmproxy - A free and open source interactive HTTPS proxy.
Burp Suite - An advanced HTTPS proxy software.

Tweaks

Reverse Engineering Tweaks

FoulDecrypt - A lightweight and simpling iOS binary decryptor, supports iOS 13.5 and later.
iGameGod - Cheat Engine, Speed Manager, Auto Touch, Device Spoofer & App Decryptor.
CrackerXI - Tool to Decrypt iOS Apps, based on BFInject, Supports Electra as well as Unc0ver Jailbreaks.
flexdecrypt - Command line tool for decrypting Mach-O binaries.
Flex 3 Beta - Flex gives you the power to modify apps and change their behavior, with no coding experience needed.
Frida - Frida server for iOS.
OpenSSH - Secure remote access between machines.
Apple File Conduit "2" - Unlocks filesystem access over USB on Windows or macOS on jailbroken devices.
AppSync Unified - Enables the ability to install unsigned/fakesigned iOS applications.
NewTerm 2 - A powerful terminal app for iOS.
Filza File Manager - A Powerful File Manager for iOS with IPA Installer, DEB Installer, Web viewer, and Terminal.

Jailbrek Detection Bypass Tweaks

Shadow - A lightweight general jailbreak detection bypass tweak.
A-Bypass - A tool that helps block some apps from accessing unauthorized space or calling functions not authorized by Apple due to jailbreak.
FlyJB X - A jailbreak bypass that allows you to bypass the in-app jailbreak detection mechanism.
Liberty Lite (Beta) - A general purpose jailbreak detection bypass patch.
vnodebypass - An expermental tool to hide jailbreak files for bypass detection.
KernBypass (Unofficial) - A kernel level jailbreak detection bypass tweak.
HideJB - Bybass jailbreak detection in certain apps.
Hestia - A global jailbreak detection bypass tweak.
Choicy - An advanced tweak configurator.

SSL Pinning Bypass Tweaks

SSL Kill Switch 2 - A blackbox tool to disable SSL/TLS certificate validation - including certificate pinning - within iOS and macOS applications.
SSLBypass - An iOS SSL Pinning Bypass Tweak (iOS 8 - 14).

Frida Scripts

FridaSwiftDump - A Frida script for retriving the Swift Object info from an running app.
iOS 13 SSL Bypass - SSL Pinning Bypass for iOS 13.
iOS 12 SSL Bypass - SSL Pinning Bypass for iOS 12.
iOS Jailbreak Detection Bypass - A Frida script used for bypass iOS jailbreak detection by hooking some methods and functions.
iOS App Static Analysis - Script for iOS app's static analysis.
Touch ID Bypass - A Frida script for iOS Touch/Face ID Bypass.

Courses

Pentesting iOS Applications - By PentesterAcademy.
iOS Pentesting - By Mantis.
iOS Application Pentesting Series - By Sateesh Verma.
IOS: Penetration Testing - By Noisy Hacker.

Books

iOS Hacking Guide - By Security Innovation.
iOS Application Security: The Definitive Guide for Hackers and Developers - By David Thiel.
iOS Penetration Testing: A Definitive Guide to iOS Security - By Kunal Relan.
Learning iOS Penetration Testing - By Swaroop Yermalkar.
Hacking and Securing iOS Applications - By Jonathan Zdziarski.
iOS Hacker's Handbook - By Charlie Miller.

Sessions & Workshops

iOS + Frida Tutorial - A 3-parts workshop contains an introduction to Frida and iOS, low-level iOS interfaces (GCD, XPC, IOKit, Mach), and Objective-C instrumentation by @naehrdine.
Exploiting Common iOS Apps' Vulnerabilities - A session by @ivRodriguezCA that walks through some of the most common vulnerabilities on iOS apps and shows how to exploit them.
iOS Reverse Engineering With Frida - How to get started in iOS RE with any PC/Mac, an iPhone, and Frida by @x71n3.
iOS Application Vulnerabilities and how to find them - How to get started with hacking iOS apps, environment requirement, play ground etc. by @0ctac0der.

Articles & Tutorials

Penetration Testing Articles

Reverse Engineering Articles

Jailbrek Detection Bypass Articles

SSL Pinning Bypass Articles

Checklists & Cheatsheets

Labs

CTF

Writeups

Misc

iOS Jailbreak Downloads - Download Jailbreak Tools for All iOS Versions.
MOBEXLER - A customised virtual machine, designed to help in penetration testing of Android & iOS applications.
frida Workbench - Unofficial frida workbench for VSCode.
Apple Configurator - Apple Configurator features a flexible, device-centric design that enables you to configure one or dozens of devices quickly and easily.
Apple Platform Security - Explore Apple Platform Security.
IPSW Downloads - Download current and previous versions of Apple's iOS, iPadOS, macOS, watchOS, tvOS and audioOS firmware and receive notifications when new firmwares are released.
theos - A cross-platform suite of tools for building and deploying software for iOS and other platforms.

Contributing

Your contributions are always welcome! Please read the contribution guidelines first.