MVT (Mobile Verification Toolkit) automates forensic analysis of Android and iOS devices to detect signs of spyware compromise.
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
This tool is primarily used by digital forensics experts and investigators to gather and analyze forensic traces from mobile devices potentially targeted by sophisticated spyware. It aids in incident response and threat hunting by scanning devices against known indicators of compromise, especially in cases involving human rights defenders and civil society members.
MVT is intended for use by skilled digital forensic professionals and requires familiarity with command-line tools and forensic concepts. It is not designed for end-user self-assessment and should be used with consent to avoid privacy violations. Public IOCs alone may not guarantee detection of all compromises; comprehensive analysis requires access to non-public threat intelligence.
Ensure Python 3 and dependencies are installed (see documentation)
Run `pip3 install mvt` to install the toolkit from PyPI
Refer to official documentation for alternative installation methods and troubleshootingmvt-ios
Command to perform forensic analysis and scanning on iOS devices
mvt-android
Command to perform forensic analysis and scanning on Android devices