├── .gitmodules ├── README.md ├── rmsub.sh └── update.sh /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "woza"] 2 | path = woza 3 | url = https://github.com/woza-lab/woza 4 | [submodule "woza-desktop"] 5 | path = woza-desktop 6 | url = https://github.com/woza-lab/woza-desktop 7 | [submodule "frida-ios-dump"] 8 | path = frida-ios-dump 9 | url = https://github.com/AloneMonkey/frida-ios-dump 10 | [submodule "mobile-re"] 11 | path = mobile-re 12 | url = https://github.com/QKaiser/mobile-re 13 | [submodule "ssl-kill-switch2"] 14 | path = ssl-kill-switch2 15 | url = https://github.com/nabla-c0d3/ssl-kill-switch2 16 | [submodule "IPAPatch"] 17 | path = IPAPatch 18 | url = https://github.com/Naituw/IPAPatch 19 | [submodule "hookgrip"] 20 | path = hookgrip 21 | url = https://github.com/agustingianni/hookgrip 22 | [submodule "house"] 23 | path = house 24 | url = https://github.com/nccgroup/house 25 | [submodule "AppleSimulatorUtils"] 26 | path = AppleSimulatorUtils 27 | url = https://github.com/wix/AppleSimulatorUtils 28 | [submodule "MonkeyDev"] 29 | path = MonkeyDev 30 | url = https://github.com/AloneMonkey/MonkeyDev 31 | [submodule "iOS-sbutils"] 32 | path = iOS-sbutils 33 | url = https://github.com/bored-engineer/iOS-sbutils 34 | [submodule "ipatool"] 35 | path = ipatool 36 | url = https://github.com/majd/ipatool 37 | [submodule "ipa-dumper"] 38 | path = ipa-dumper 39 | url = git@github.com:marzzzello/ipa-dumper.git 40 | [submodule "Manticore"] 41 | path = Manticore 42 | url = git@github.com:ProjectManticore/Manticore.git 43 | [submodule "cicuta_virosa"] 44 | path = cicuta_virosa 45 | url = https://github.com/ModernPwner/cicuta_virosa.git 46 | [submodule "SSLBypass"] 47 | path = SSLBypass 48 | url = git@github.com:evilpenguin/SSLBypass.git 49 | [submodule "ThatWebInspector"] 50 | path = ThatWebInspector 51 | url = git@github.com:evilpenguin/ThatWebInspector.git 52 | [submodule "frida-ios-hook"] 53 | path = 
frida-ios-hook 54 | url = git@github.com:noobpk/frida-ios-hook.git 55 | [submodule "grapefruit"] 56 | path = grapefruit 57 | url = https://github.com/ChiChou/grapefruit.git 58 | [submodule "motan"] 59 | path = motan 60 | url = git@github.com:Dado1513/motan.git 61 | [submodule "iOS-SandBox-Dumper"] 62 | path = iOS-SandBox-Dumper 63 | url = git@github.com:dineshshetty/iOS-SandBox-Dumper.git 64 | [submodule "passionfruit"] 65 | path = passionfruit 66 | url = git@github.com:chaitin/passionfruit.git 67 | [submodule "ipa-extract-info"] 68 | path = ipa-extract-info 69 | url = git@github.com:nowsecure/ipa-extract-info.git 70 | [submodule "objection"] 71 | path = objection 72 | url = git@github.com:sensepost/objection.git 73 | [submodule "iostrace"] 74 | path = iostrace 75 | url = git@github.com:sh1ma/iostrace.git 76 | [submodule "ios_debugger_challenge"] 77 | path = ios_debugger_challenge 78 | url = git@github.com:rustymagnet3000/ios_debugger_challenge.git 79 | [submodule "iOS-URL-Schemes"] 80 | path = iOS-URL-Schemes 81 | url = git@github.com:phynet/iOS-URL-Schemes.git 82 | [submodule "iPwn"] 83 | path = iPwn 84 | url = git@github.com:brows3r/iPwn.git 85 | [submodule "TQ-pre-jailbreak"] 86 | path = TQ-pre-jailbreak 87 | url = git@github.com:pattern-f/TQ-pre-jailbreak.git 88 | [submodule "RMS-Runtime-Mobile-Security"] 89 | path = RMS-Runtime-Mobile-Security 90 | url = git@github.com:m0bilesecurity/RMS-Runtime-Mobile-Security.git 91 | [submodule "iHide"] 92 | path = iHide 93 | url = git@github.com:Kc57/iHide.git 94 | [submodule "EggShell"] 95 | path = EggShell 96 | url = git@github.com:neoneggplant/EggShell.git 97 | [submodule "xnu_gym"] 98 | path = xnu_gym 99 | url = https://github.com/tjkr0wn/xnu_gym.git 100 | [submodule "awesome-frida"] 101 | path = awesome-frida 102 | url = https://github.com/dweinstein/awesome-frida 103 | [submodule "bagbak"] 104 | path = bagbak 105 | url = git@github.com:ChiChou/bagbak.git 106 | [submodule "OpenJailbreak"] 107 | path = OpenJailbreak 
108 | url = git@github.com:GeoSn0w/OpenJailbreak.git 109 | [submodule "iOS-Restrictions-Recovery"] 110 | path = iOS-Restrictions-Recovery 111 | url = git@github.com:alyxferrari/iOS-Restrictions-Recovery.git 112 | [submodule "iOS-Jailbreak-Development"] 113 | path = iOS-Jailbreak-Development 114 | url = git@github.com:GeoSn0w/iOS-Jailbreak-Development.git 115 | [submodule "Fireprint"] 116 | path = Fireprint 117 | url = git@github.com:sahad-mk/Fireprint.git 118 | [submodule "iOSRestrictionBruteForce"] 119 | path = iOSRestrictionBruteForce 120 | url = git@github.com:thehappydinoa/iOSRestrictionBruteForce.git 121 | [submodule "fd"] 122 | path = fd 123 | url = git@github.com:a97077088/fd.git 124 | [submodule "Clutch"] 125 | path = Clutch 126 | url = https://github.com/KJCracks/Clutch.git 127 | [submodule "Command-Mobile-Penetration-Testing-Cheatsheet"] 128 | path = Command-Mobile-Penetration-Testing-Cheatsheet 129 | url = git@github.com:mirfansulaiman/Command-Mobile-Penetration-Testing-Cheatsheet.git 130 | [submodule "ApplicationScanner"] 131 | path = ApplicationScanner 132 | url = git@github.com:paradiseduo/ApplicationScanner.git 133 | [submodule "AppInfoScanner"] 134 | path = AppInfoScanner 135 | url = git@github.com:kelvinBen/AppInfoScanner.git 136 | [submodule "jbctl"] 137 | path = jbctl 138 | url = https://github.com/sbingner/jbctl.git 139 | [submodule "Taurine"] 140 | path = Taurine 141 | url = git@github.com:Odyssey-Team/Taurine.git 142 | [submodule "iOS-Restriction-Key-Cracker"] 143 | path = iOS-Restriction-Key-Cracker 144 | url = git@github.com:Starwarsfan2099/iOS-Restriction-Key-Cracker.git 145 | [submodule "iOS-Restrictions-Cracker"] 146 | path = iOS-Restrictions-Cracker 147 | url = git@github.com:alex-taffe/iOS-Restrictions-Cracker.git 148 | [submodule "MEDUZA"] 149 | path = MEDUZA 150 | url = git@github.com:kov4l3nko/MEDUZA.git 151 | [submodule "dragon"] 152 | path = dragon 153 | url = git@github.com:DragonBuild/dragon.git 154 | [submodule "Arcane"] 155 | 
path = Arcane 156 | url = git@github.com:tokyoneon/Arcane.git 157 | [submodule "ios_triage"] 158 | path = ios_triage 159 | url = git@github.com:RealityNet/ios_triage.git 160 | [submodule "pongoOS"] 161 | path = pongoOS 162 | url = git@github.com:checkra1n/pongoOS.git 163 | [submodule "autodecrypt"] 164 | path = autodecrypt 165 | url = git@github.com:matteyeux/autodecrypt.git 166 | [submodule "iBoot64helper"] 167 | path = iBoot64helper 168 | url = git@github.com:argp/iBoot64helper.git 169 | [submodule "libirecovery"] 170 | path = libirecovery 171 | url = git@github.com:libimobiledevice/libirecovery.git 172 | [submodule "iBoot64Finder"] 173 | path = iBoot64Finder 174 | url = git@github.com:haiyuidesu/iBoot64Finder.git 175 | [submodule "ida-iboot-loader"] 176 | path = ida-iboot-loader 177 | url = git@github.com:matteyeux/ida-iboot-loader.git 178 | [submodule "piRa1n"] 179 | path = piRa1n 180 | url = git@github.com:raspberryenvoie/piRa1n.git 181 | [submodule "PongoHelper"] 182 | path = PongoHelper 183 | url = git@github.com:NyaMisty/PongoHelper.git 184 | [submodule "r2clutch"] 185 | path = r2clutch 186 | url = git@github.com:as0ler/r2clutch.git 187 | [submodule "appmon"] 188 | path = appmon 189 | url = git@github.com:dpnishant/appmon.git 190 | [submodule "pinera1n"] 191 | path = pinera1n 192 | url = git@github.com:powenn/pinera1n.git 193 | [submodule "odysseyn1x"] 194 | path = odysseyn1x 195 | url = git@github.com:raspberryenvoie/odysseyn1x.git 196 | [submodule "smserver"] 197 | path = smserver 198 | url = https://github.com/iandwelker/smserver.git 199 | [submodule "ProxySwitcher"] 200 | path = ProxySwitcher 201 | url = git@github.com:mikaelbo/ProxySwitcher.git 202 | [submodule "marisa"] 203 | path = marisa 204 | url = git@github.com:ExhoAR22/marisa.git 205 | [submodule "mdm-inhibitor"] 206 | path = mdm-inhibitor 207 | url = git@github.com:francescomasala/mdm-inhibitor.git 208 | [submodule "mkcert"] 209 | path = mkcert 210 | url = https://github.com/FiloSottile/mkcert 
211 | [submodule "twackup-rs"] 212 | path = twackup-rs 213 | url = git@github.com:danpashin/twackup-rs.git 214 | [submodule "iOS_sysdiagnose_forensic_scripts"] 215 | path = iOS_sysdiagnose_forensic_scripts 216 | url = git@github.com:cheeky4n6monkey/iOS_sysdiagnose_forensic_scripts.git 217 | [submodule "APOLLO"] 218 | path = APOLLO 219 | url = git@github.com:mac4n6/APOLLO.git 220 | [submodule "iOS-Mobile-Installation-Logs-Parser"] 221 | path = iOS-Mobile-Installation-Logs-Parser 222 | url = git@github.com:abrignoni/iOS-Mobile-Installation-Logs-Parser.git 223 | [submodule "icloud-12.5.1-bypass"] 224 | path = icloud-12.5.1-bypass 225 | url = git@github.com:adrianjagielak/icloud-12.5.1-bypass.git 226 | [submodule "Checkra1n-and-odysseyra1n-easy-installer"] 227 | path = Checkra1n-and-odysseyra1n-easy-installer 228 | url = git@github.com:jroemer551/Checkra1n-and-odysseyra1n-easy-installer.git 229 | [submodule "c0verup"] 230 | path = c0verup 231 | url = git@github.com:shadow1Python/c0verup.git 232 | [submodule "NetworkSniffer"] 233 | path = NetworkSniffer 234 | url = git@github.com:evilpenguin/NetworkSniffer.git 235 | [submodule "ios-analysis"] 236 | path = ios-analysis 237 | url = https://github.com/IAIK/ios-analysis 238 | [submodule "CrackBot2"] 239 | path = CrackBot2 240 | url = https://github.com/n3d1117/CrackBot2 241 | [submodule "LookinLoader"] 242 | path = LookinLoader 243 | url = https://github.com/creantan/LookinLoader 244 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ios-arsenal 2 | 3 | Scripts and tools for iOS app reversing 4 | 5 | 6 | ## Requirements 7 | 8 | OS X packages 9 | ``` 10 | brew install libimobiledevice usbmuxd radamsa npm blobsaver 11 | brew install mkcert 12 | brew install nss # if you use Firefox 13 | 14 | ``` 15 | 16 | Python packages 17 | ``` 18 | pip3 install frida-tools objection 19 | ``` 20 | 21 | 22 |
Node.js packages 23 | 24 | ``` 25 | # grapefruit 26 | npm install -g igf 27 | npm install -g passionfruit 28 | npm install -g iostrace 29 | npm install -g bagbak 30 | 31 | ``` 32 | 33 | ## Package managers 34 | 35 | 36 | Cydia, Sileo, [Zebra](https://getzbra.com/) 37 | 38 | 39 | https://github.com/zbrateam/Zebra 40 | 41 | 42 | ## Useful links 43 | 44 | https://ub3rsick.github.io/2020/05/12/frida-instrumentation-ios-nsurlsession/ 45 | 46 | https://hakin9.org/toothpicker-an-in-process-coverage-guided-fuzzer-for-ios/ 47 | 48 | https://ios.cfw.guide/installing-odysseyra1n#downloads-macos 49 | 50 | https://frida.re/docs/ios/ 51 | 52 | https://www.klmlabs.co/blog/jailbreak-detection 53 | 54 | https://blog.digital-forensics.it/2019/12/checkra1n-era-ep-5-automating.html 55 | 56 | https://portswigger.net/burp/documentation/desktop/tools/mobile-assistant/installing 57 | 58 | https://blog.elcomsoft.ru/2021/05/izvlechenie-dannyh-iz-iphone-s-ispolzovaniem-checkm8-rukovodstvo/ 59 | -------------------------------------------------------------------------------- /rmsub.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Remove the submodule entry from .git/config 4 | git submodule deinit -f path/to/submodule 5 | 6 | # Remove the submodule directory from the superproject's .git/modules directory 7 | rm -rf .git/modules/path/to/submodule 8 | 9 | # Remove the entry in .gitmodules and remove the submodule directory located at path/to/submodule 10 | git rm -f path/to/submodule -------------------------------------------------------------------------------- /update.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | git submodule update --recursive --remote --merge 4 | git add . && git commit -m 'Update submodules to latest revisions' 5 | --------------------------------------------------------------------------------