A comprehensive cheatsheet and curated collection of the most usable tools for iOS and macOS penetration testing and mobile security.
Most usable tools for iOS penetration testing
This repository serves as a practical reference for penetration testers and red teamers focusing on iOS and macOS platforms, providing categorized tools and resources for exploitation, static analysis, jailbreak detection, and obfuscation. Security professionals use it to quickly identify and access relevant tools for mobile security assessments and reverse engineering tasks.
This repository is a curated reference and does not provide direct installation scripts or binaries; users must follow individual tool documentation for setup. Many tools require a jailbroken device or specific environment setups. Always verify compatibility and security implications before use in production environments.
Refer to individual tool repositories for installation, e.g., MobSF, Frida, Objection
For macOS plist viewing, use 'plutil' or Xcode
On Linux, install plist utilities via 'apt-get install libplist-utils'
Clone or download tools directly from linked GitHub repositories
Use package managers or follow official docs for tools like SwiftLint and PassionFruitplutil
View and manipulate plist files on macOS and iOS (with jailbreak)
apt-get install libplist-utils
Install plist utilities on Linux for plist file handling
Use MobSF from https://github.com/MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework for automated static and dynamic analysis
Frida installation as per https://www.frida.re/docs/installation/
Dynamic instrumentation toolkit for runtime analysis and hooking
Objection usage from https://github.com/sensepost/objection
Runtime mobile exploration toolkit powered by Frida
SwiftLint
Static code analysis tool for Swift to enforce style and conventions
Refer to Jailbreak Chart at https://www.reddit.com/r/jailbreak/wiki/escapeplan/guides/jailbreakcharts
Check jailbreak status and compatibility