iOS security tools

Although there are plenty of assessment tools available on the Internet, in this section, we will explore the important tools that suffice the requirement of assessing known and unknown vulnerabilities. All the security tools in this section will work only on a jailbroken device.


As we discussed in the Application code signing section in Chapter 2, Snooping Around the Architecture, the apps in the Apple store must be signed. In order to decrypt these apps to perform the binary analysis, we would require oTool. Unlike unsigned apps, these can be installed on jailbroken devices only.

oTool is extensively used during manual decryption to identify relevant misconfiguration in the way the app is packaged and installed on the device. ...

Get Mobile Application Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.