iOS iblessing beta-0.2 - iOS security exploiting toolkit

[itsMe]

iblessing

    iblessing is iOS security exploiting toolkit, it mainly includes application information collection, static analysis, and dynamic analysis.
    iblessing is based on a unicorn engine and capstone engine.

Features

    iOS App static info extract, including meta data, deeplinks, urls, etc.
     Mach-O parser and dyld symbol bind simulator
     Objective-C class realizing and parsing
     Scanners making dynamic analysis for arm64 assembly code and find key information or attack surface
    Scanners using a unicorn to partially simulate Mach-O arm64 code execution and find some features
    Generators that can provide secondary processing on scanner’s report to start a query server, or generate a script for IDA
    objc_msgSend sub-functions analysis
     Diagnostic logs
     Tests
     More flexible scanner infrastructure for new scanner plugins
     Swift class and method parsing
     More scanners and generators
     Cross-platform

beta-0.2
feat: add objc-msg-xref report statistic generator
feat: add tests and samples
feat: add ivar instance mask to fix instance parse error, add NSClassFromString reflecton parse mechanism
feat(objc-msg-xref): fix some bug in tracing

To see this hidden content, you must like this content.