Dynamic analysis using Cycript

Cycript is one the most popular tools used for runtime analysis of iOS apps. It's a JavaScript interpreter that also understands Objective-C syntax. The idea is to hook Cycript in the target application's process ID and perform actions using JavaScript or Objective-C or both. I would encourage you to go through its documentation in order to understand its functionality in depth.

In dynamic analysis, the important aspect is method swizzling. Method swizzling is changing the behavior/functionality of a method at runtime. To perform method swizzling, we require information about the methods that are used in backend for the application. The idea is as follows:

  • Reverse engineer the application using techniques that we studied ...

Get Learning iOS Penetration Testing now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.