iOS App Security Assessment Tool - idb

idb is a tool to simplify some common tasks for iOS app security assessments and research. Please see the Documentation for a more detailed summary of each function.

Features

• Assessment Setup
  • SSH port forwarding
  • Installation of helper utilities
• App Information
  • Bundle information
  • Registered URL Schemes
  • Platform and SDK Versions
  • Data folder location
  • Entitlements
• Data Storage
  • List plist files and data protection class
  • List sqlite files and data protection class
  • List Cache.db files and data protection class
  • Full app file system browser
    • Browse files
    • Download/view files
    • Check data protection
    • Rsync folders and keep git revisions
  • Dump iOS keychain
• Binary Analysis
  • Check for encryption
  • Check for protections (ASLR/PIE, DEP, ARC)
  • List shared libraries
  • Extract strings in app binary
  • Dump class and method signatures
• IPC
  • List URL handlers
  • Invoke and fuzz URL handlers
  • Monitor the iOS pasteboardA
• Other Tools
• Check for iOS backgrounding screenshot
• Install certificates
• Edit /etc/hosts file

Download idb