vFeed


Tools no image

Published on July 2nd, 2014 | by MaxiSoler

0

[New Tool] iAppliScan v0.02 Beta Released

iAppliScan lets you automate the review of the iOS application with passing few parameters. It gives pointers to possible vulnerabilities or weakness of the application.

Amongst the mobile attack vectors and security weakness, Local storage and its misuse is being considered as the key security concern from security and privacy standpoint. Unlike android, iOS does not provide any API to monitor file system directly. One needs to dig in to files/directories to find information stored in local storage across applications. Looking at the each file in the directory is a tedious and painful job while doing penetration testing of the target application. We need to have a simple utility to penetrate and analyze local storage in iOS platform. iAppliScan allows you to automate iOS application review. Current version of iAppliScan needs a jailbroken device with SSH access to interface. Device and iAppliScan needs to be in same network with access.

logo_iAppliScan

Some of the interesting features of iAppliScan which one can leverage during the testing of the application.

  • Look for sensitive information in files/directories
  • Find whether particular file exist or not
  • Download file for further analysis
  • Run external command

New features in version 0.02 (Beta) of iAppliScan

  • Poor cryptography detection – Detects Encoding (Base64, Hex, URL, HTML, GZip) and Hashing (MD5, SHA256, SHA384, SHA512)
  • Load/Save configuration for future use

More Information:
iAppliScan
User Manual

Download iAppliScan v0.02 Beta

Download iAppliScan (Windows – 32 bit)
Download iAppliScan (Windows – 64 bit)
Download iAppliScan (Mac)

Tags: , , , ,


About the Author

www.artssec.com @maxisoler



Back to Top ↑