A collection of open source iOS tools
3rd-party lists
- ansjdnakjdnajkd/iOS - Most usable tools for iOS penetration testing
- OpenJailbreak - Apple tools. Built from scratch. For the community. Get involved
- Siguza/ios-resources - Useful resources for iOS hacking
Jailbreak
- OpenJailbreak - Apple tools. Built from scratch. For the community. Get involved
- tihmstar/doubleH3lix - Jailbreak for iOS 10.x 64bit devices without KTRR
- coolstar/electra - Electra iOS 11.0 - 11.1.2 jailbreak toolkit based on async_awake
- ktiOSz/Exploit11.2 - Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087
- jakeajames/rootlessJB - iOS 11.2 ~ 11.3.1 JB
- GeoSn0w/Osiris-Jailbreak - An incomplete iOS 11.2 -> iOS 11.3.1 Jailbreak
- coolstar/electra1131 - Electra for iOS 11.0 - 11.3.1
- PsychoTea/MeridianJB - An iOS 10.x Jailbreak for all 64-bit devices
- bazad/blanket - a sandbox escape targeting iOS 11.2.6, although the main vulnerability was only patched in iOS 11.4.1
- pwn20wndstuff/Undecimus - unc0ver jailbreak for iOS 11.0 - 11.4b3
Disassembler
Obfuscation
Debugger
- pmusolino/Wormholy - iOS network debugging, like a wizard
- cycript - explore and modify running applications on either iOS or Mac OS X using a hybrid of Objective-C++ and JavaScript syntax through an interactive console that features syntax highlighting and tab completion
Filesystem
- nlitsme/ubidump - Tool for viewing and extracting files from an UBIFS image
- emonti/afcclient - A simple CLI interface to AFC via libimobiledevice
Instrumentation
- Razzile/Liberation - A runtime patching library for iOS. Major rework on unfinished branch
- Urinx/iOSAppHook - Focused on reverse engineering iOS apps in a non-jailbroken environment, from dylib injection and app re-signing to App Hook
- BishopFox/bfinject - Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks
- cycript - allows developers to explore and modify running applications on either iOS or Mac OS X using a hybrid of Objective-C++ and JavaScript syntax through an interactive console that features syntax highlighting and tab completion
- XPoCe - XPC Snooping utilities for MacOS and iOS
Patch
- Naituw/IPAPatch - Patch iOS Apps, The Easy Way, Without Jailbreak
- landonf/libevil_patch - An implementation of function patching for iOS, without the use of W|X pages
Assessments
- chaitin/passionfruit - [WIP] Crappy iOS app analyzer
- snooze6/FiOS - small proof of concept gui for auditing iOS applications based on objection
- vtky/Swizzler2 - a tool to help analyze MDM/EMS iOS applications, it has grown to incorporate other features to assist and ease the job of penetration testers and security researchers in the security analysis of any iOS application
- iSECPartners/Introspy-iOS - Blackbox tool to help understand what an iOS application is doing at runtime and assist in the identification of potential security issues
Uncategorized
- Proteas/unstripped-ios-kernels - Unstripped iOS Kernels with All Symbols
- KJCracks/Clutch - Fast iOS executable dumper
- bazad/macho_gadgets - A tool to find gadgets in the iOS kernelcache
- nowsecure/node-applesign - NodeJS module and commandline utility for re-signing iOS applications (IPA files).
- AloneMonkey/frida-ios-dump - pull decrypted ipa from jailbreak device
- thehappydinoa/iOSRestrictionBruteForce - Crack iOS Restriction Passcodes with Python
- mwrlabs/needle - The iOS Security Testing Framework
- BishopFox/bfdecrypt - Utility to decrypt App Store apps on jailbroken iOS 11.x
- n0fate/iChainbreaker - PoC code for analyzing iCloud Keychain
- Zuikyo/iOS-System-Symbols - Share iOS system framework's symbol files. Useful for symbolicating iOS crash report
- newosxbook.com - binbag - A set of tools
Books
Tutorials
- felixgr/secure-ios-app-dev - Collection of the most common vulnerabilities found in iOS applications
- iOS Application Security Review Methodology
Exploit writeups