This post is part 3 of a series giving an overview of the most useful iOS app pentesting tools. ‘Frida’ is a dynamic instrumentation tool that is primarily useful for runtime manipulation and dynamic analysis. ‘Objection’, created by Sensepost, is another useful tool built on top of Frida that makes Read more…
This post is part 2 of a series giving an overview of the most useful iOS app pentesting tools. ‘Cycript’ is a runtime manipulation tool that is primarily useful for dynamic analysis and exploring the flow of the app you’re testing. The series will be assuming that the user is Read more…
**NOTE: The app being analyzed is not my own, and therefore I have left out any identifying information. This is just a walkthrough of the steps one can take to search for similar vulnerabilities. This walkthrough will show how to use cycript to extract information from the app at runtime, Read more…