Posts Tagged ‘pentesting iphone applications’

Useful Cydia Apps for pentesting

07 Feb
For pentesting iPhone applications, we need to download a lot of tools from Cydia. Some of the necessary  tools are -

  • OpenSSH – Allows to connect to the iPhone remotely over SSH
  • Adv-cmds : Comes with a set of process commands like ps, kill, finger…
  • Sqlite3 : Sqlite database client
  • GNU Debugger: For run time analysis & reverse engineering
  • Syslogd : To view iPhone logs
  • Veency: Allows to view the phone on the workstation with the help of veency client
  • Tcpdump: To capture network traffic on phone
  • com.ericasadun.utlities: plutil to view property list files
  • Grep: For searching
  • Odcctools (Darwin CC tools): otool – object file displaying tool
  • Crackulous: Decrypt iPhone apps
  • Hackulous: To install decrypted apps
  • Cycript: Run time analysis & reverse engineering

    * To install crackulous and hackulous add to Cydia sources.
    * To install GNU Debugger on iOS 5 view -

Pentesting iPhone Applications

17 Oct

I have given a presentation on Pentesting iPhone Applications in c0c0n. This presentation mainly focuses on methodology, techniques and the tools that will help security testers while assessing the security of iPhone applications.




Posted in iPhone