Frisky is an instruments to assist in binary application reversing and augmentation, geared towards walled gardens like iOS. Most, if not all, recently tested on iOS 11.1.2 and macOS 10.12.6.
Intercepts all URLs of an iOS/macOS application, allowing you to trace and alter/intercept all network traffic, including https, per app before encryption and after decryption:
frida -U -n Safari -l frida-url-interceptor.js
Also Read Dejavu – Open Source Deception Framework
When building recent iOS jailbreaks dependent on SHA256 signatures, ldid2
is required. This repo will allow you to easily compile ldid
and ldid2
for signing and modifying an iOS binary’s entitlements, and thus jailbreaking a device.
ldid{2} -e MobileSafari
# to dump MobileSafari’s entitlementsldid{2} -S cat
# to sign cat/System/Library/Caches/com.apple.dyld/dyld_shared_cache_arm*
into individual dylibs:mkdir -p dylibs && dyld-210.2.3-patched/launch-cache/dsc_extractor /path/to/copied/dyld_shared_cache_arm* dylibs
frida-trace -U -i "*tls*" Twitter
# hook all calls matching /tls/i for the Twitter app__handlers__/libcoretls.dylib/tls_private_key_create.js
will be generated: onEnter
‘s args[2]
is first argument to the function Memory.readUtf8String(args[2])
or ObjC.Object(args[2]))
onLeave
‘s retval
is the return value log(retval.toInt32())
retval.replace(0)
system_profiler SPUSBDataType|perl -n0e'`rvictl -s $1`if/iP(?:hone|ad):.*?Serial Number: (\S+)/s';sudo tcpdump -i rvi0
su mobile && mkdir -p ~/tmp && cd ~/tmp && DYLD_INSERT_LIBRARIES=/usr/lib/dumpdecrypted.dylib /var/containers/Bundle/Application/*/AppName.app/AppName
deviceconsole
unbuffer deviceconsole | grep something
# keeps pretty colors- requires
expect, can be installed via
sudo port install expector
brew install expect`mv /Library/TweakInject /Library/TweakInject.bak && ln -s /Library/MobileSubstrate/DynamicLibraries /Library/TweakInject && killall -HUP SpringBoard
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…