IOS/macOS安全相关资料的收集

最新推荐文章于 2022-01-25 08:00:00 发布
置顶 最新推荐文章于 2022-01-25 08:00:00 发布
阅读量1.6k 收藏 6
点赞数
分类专栏: # 2 MacOS安全

• [PDF] https://objectivebythesea.com/v2/talks/OBTS_v2_Beer.pdf:
https://objectivebythesea.com/v2/talks/OBTS_v2_Beer.pdf
・ XNU内核如何实现跨进程快速传递大量消息以及其设计缺陷导致的安全问题 – R3dF09

• [macOS] [PDF] https://objectivebythesea.com/v2/talks/OBTS_v2_Henze.pdf:
https://objectivebythesea.com/v2/talks/OBTS_v2_Henze.pdf
・ macOS 10.14.3 越权访问Keychain漏洞 KeySteal 的技术细节 – R3dF09

IosHackStudy

官方文档:
https://www.apple.com/business/site/docs/iOS_Security_Guide.pdf

OSX/IOS Exploit分析文章

iOS 8.4.1 Yalu Open Source Jailbreak Project: https://github.com/kpwn/yalu

OS-X-10.11.6-Exp-via-PEGASUS: https://github.com/zhengmin1989/OS-X-10.11.6-Exp-via-PEGASUS

iOS 9.3.* Trident exp: https://github.com/benjamin-42/Trident

iOS 10.1.1 mach_portal incomplete jailbreak: https://bugs.chromium.org/p/project-zero/issues/detail?id=965#c2

iOS 10.2 jailbreak source code: https://github.com/kpwn/yalu102

Local Privilege Escalation for macOS 10.12.2 and XNU port Feng Shui: https://github.com/zhengmin1989/macOS-10.12.2-Exp-via-mach_voucher

Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox: https://www.youtube.com/watch?v=bP5VP7vLLKo

Pwn2Own 2017 Safari sandbox: https://github.com/maximehip/Safari-iOS10.3.2-macOS-10.12.4-exploit-Bugs

Live kernel introspection on iOS: https://bazad.github.io/2017/09/live-kernel-introspection-ios/

iOS 11.1.2 IOSurfaceRootUserClient double free to tfp0: https://bugs.chromium.org/p/project-zero/issues/detail?id=1417

iOS 11.3.1 MULTIPATH kernel heap overflow to tfp0: https://bugs.chromium.org/p/project-zero/issues/detail?id=1558

iOS 11.3.1 empty_list kernel heap overflow to tfp0: https://bugs.chromium.org/p/project-zero/issues/detail?id=1564

CVE-2016-1749
http://turingh.github.io/2016/04/29/CVE-2016-1749内核代码执行POC分析/

CVE-2016-1757
http://googleprojectzero.blogspot.com/2016/03/race-you-to-kernel.html
https://github.com/gdbinit/mach_race

CVE-2016-1824
http://marcograss.github.io/security/apple/cve/2016/05/16/cve-2016-1824-apple-iohidfamily-racecondition.html

IOS越狱中使用到的漏洞列表
https://github.com/ChiChou/sploits

CVE-2019-6207
https://github.com/Synacktiv-contrib/CVE-2018-4193

CVE-2019-6207
https://github.com/maldiohead/CVE-2019-6207

一.Mac OS X内核编程开发官方文档:
I/O Kit Fundamentals: I/O Kit基础 - Mac OS X系统内核编程

https://developer.apple.com/library/mac/#documentation/devicedrivers/conceptual/IOKitFundamentals/index.html

Threading Programming Guide:MAC OS X 线程编程指南 - Mac OS X系统内核编程

http://developer.apple.com/library/ios/#documentation/Cocoa/Conceptual/Multithreading/index.html

Kernel Programming Guide:Mac OS内核编程 - Mac OS X系统内核编程

https://developer.apple.com/library/mac/#documentation/Darwin/Conceptual/KernelProgramming/index.html

Kernel Extension Programming Topics:Mac OS X内核扩展编程 - Mac OS内核编程

https://developer.apple.com/library/mac/#documentation/Darwin/Conceptual/KEXTConcept/index.html

Daemons and Services Programming Guide: 守护进程和服务编程指南 - Mac OS内核编程

https://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSystemStartup/index.html

Introduction to 64-Bit Transition Guide:

https://developer.apple.com/library/mac/#documentation/Darwin/Conceptual/64bitPorting/index.html

Technical Note TN2163- Building Universal I/O Kit Drivers:

https://developer.apple.com/library/mac/#technotes/tn2163/_index.html

Technical Note TN2063- Understanding and Debugging Kernel Panics:

https://developer.apple.com/library/mac/#technotes/tn2063/_index.html

Technical Note TN2118- Kernel Core Dumps:

https://developer.apple.com/library/mac/#technotes/tn2004/tn2118.html

理解与调试Mac OS X内核恐慌:

http://www.apple.com.cn/developer/mac/library/documentation/Hardware/Conceptual/tn2002/

在 Mac OS X 内核发生崩溃时,系统会在屏幕上显示一条内核恐慌信息。一旦发生这样的错误,只有通过重新启动才能恢复系统的运行。

二、MAC驱动开发官方文档
Accessing Hardware From Applications: 通过应用程序访问MAC硬件 - Mac OS X系统内核,MAC驱动开发

https://developer.apple.com/library/mac/#documentation/DeviceDrivers/Conceptual/AccessingHardware/AH_Intro/AH_Intro.html

USB Device Interface Guide:MAC OS X USB设备驱动接口指南 - MAC驱动开发

https://developer.apple.com/library/mac/#documentation/DeviceDrivers/Conceptual/USBBook/USBIntro/USBIntro.html

HID Class Device Interface Guide:MAC OS X人机界面设备接口指南 - MAC驱动开发

https://developer.apple.com/library/mac/#documentation/DeviceDrivers/Conceptual/HID/index.html

I/O Kit Device Driver Design Guidelines:I/O Kit设备驱动设计指南 - Mac OS X系统内核,MAC驱动开发

https://developer.apple.com/library/mac/#documentation/DeviceDrivers/Conceptual/WritingDeviceDriver/index.html

Mac OS X 上 USB 驱动程序的匹配技巧

MAC OS X USB 驱动程序匹配原则基于 USB 通用类规范 。

三.Mac OS X系统内核,MAC驱动官方开源代码:
MAC OS X苹果开源项目源码下载地址: http://opensource.apple.com/tarballs/

里面有非常多的MAC OS X开源项目,本人经常使用的有以下资源:

http://opensource.apple.com/tarballs/AppleUSBCDCDriver/

http://opensource.apple.com/tarballs/IOUSBFamily/

http://opensource.apple.com/tarballs/IOSerialFamily/

http://opensource.apple.com/tarballs/IONetworkingFamily/

四. Mac OS X系统内核,MAC驱动调试工具:
本人主要使用的就是Kernel Debug Kit,可以点以下链接,搜索Kernel Debug Kit即可。

(需要Apple Developer帐号,免费注册一个即可。)

https://developer.apple.com/downloads/index.action

IOS安全学习资料汇总

(1) IOS安全学习网站收集:
http://samdmarshall.com
https://www.exploit-db.com
https://reverse.put.as
http://highaltitudehacks.com/security/
http://www.dllhook.com/
http://www.securitylearn.net/archives/
http://securitycompass.github.io/iPhoneLabs/index.html
http://security.ios-wiki.com
http://www.opensecuritytraining.info/IntroARM.html
https://truesecdev.wordpress.com/
http://resources.infosecinstitute.com/ios-application-security-part-1-setting-up-a-mobile-pentesting-platform/
http://esoftmobile.com/2014/02/14/ios-security/
http://bbs.iosre.com
http://bbs.chinapyg.com
http://blog.pangu.io/
http://yonsm.net/
http://nianxi.net/
http://cocoahuke.com/
https://blog.0xbbc.com
http://blog.imaou.com/
https://github.com/pandazheng/iOSAppReverseEngineering
http://drops.wooyun.org
http://bbs.pediy.com
http://www.blogfshare.com/
https://github.com/michalmalik/osx-re-101
http://blog.qwertyoruiop.com/
https://github.com/secmobi/wiki.secmobi.com
http://contagioexchange.blogspot.com/
http://contagiominidump.blogspot.com/
https://github.com/secmobi
https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Guide_Development_Project
http://blog.dornea.nu/2014/10/29/howto-ios-apps-static-analysis/
http://www.dllhook.com/post/58.html
http://thexploit.com/category/secdev/
https://github.com/secmobi/wiki.secmobi.com
https://github.com/mdsecresearch
http://sectools.org/tag/os-x/
http://googleprojectzero.blogspot.com/
http://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.html
http://www.macexploit.com/
https://code.google.com/p/google-security-research/issues/list?can=1&q=iOS&sort=-id&colspec=ID Type Status Priority Milestone Owner Summary
https://code.google.com/p/google-security-research/issues/list?can=1&q=OSX&sort=-id&colspec=ID+Type+Status+Priority+Milestone+Owner+Summary&cells=tiles
http://googleprojectzero.blogspot.com/2014/11/pwn4fun-spring-2014-safari-part-ii.html
https://www.blackhat.com/docs/us-15/materials/us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS-wp.pdf
https://www.youtube.com/watch?v=rxUgw5bEG3Y
https://www.theiphonewiki.com/wiki/Firmware
http://www.trustedbsd.org/mac.html
http://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.html
https://code.google.com/p/google-security-research/issues/list?can=1&q=OSX&sort=-id&colspec=ID+Type+Status+Priority+Milestone+Owner+Summary&cells=tiles
https://support.apple.com/zh-cn/HT205731
https://www.apple.com/support/security/
http://opensource.apple.com/tarballs/
https://mobile-security.zeef.com/oguzhan.topgu
http://www.powerofcommunity.net
http://cn.0day.today/exploits
https://recon.cx/2016/training/trainingios-osx.html
https://www.exploit-db.com/osx-rop-exploits-evocam-case-study/
https://www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/
https://www.yumpu.com/en/document/view/7010924/ios-kernel-heap-armageddon
http://contagiodump.blogspot.com/
http://www.dllhook.com/post/138.html
http://shell-storm.org/blog/Return-Oriented-Programming-and-ROPgadget-tool/
https://medium.com/@harryworld/100-days-of-osx-development-e61591fcb8c8#.vxyuyse12
http://www.poboke.com/study/reverse
https://www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/
https://www.exploit-db.com/osx-rop-exploits-evocam-case-study/
http://phrack.org/issues/69/1.html
https://www.exploit-db.com/docs/28479.pdf
https://speakerdeck.com/milkmix/ios-malware-myth-or-reality
https://bbs.pediy.com/thread-223117.htm

(2) IOS安全优秀博客文章
http://datatheorem.github.io/TrustKit/
http://ho.ax/posts/2012/02/resolving-kernel-symbols/
http://www.securitylearn.net/tag/pentesting-ios-apps/
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/
https://github.com/secmobi/wiki.secmobi.com
http://bbs.iosre.com/t/debugserver-lldb-gdb/65
http://bbs.pediy.com/showthread.php?t=193859
http://bbs.pediy.com/showthread.php?t=192657&viewgoodnees=1&prefixid=
http://blog.darkrainfall.org/2013/01/os-x-internals/
http://dvlabs.tippingpoint.com/blog/2009/03/06/reverse-engineering-iphone-appstore-binaries
http://drops.wooyun.org/papers/5309
http://www.blogfshare.com/category/ios-secure
https://www.safaribooksonline.com/library/view/hacking-and-securing/9781449325213/ch08s04.html
http://soundly.me/osx-injection-override-tutorial-hello-world/
https://nadavrub.wordpress.com/2015/07/23/injecting-code-to-an-ios-appstore-app/
http://blog.dewhurstsecurity.com/
https://github.com/project-imas
https://github.com/iSECPartners
https://www.nowsecure.com/blog/
http://lightbulbone.com/
http://www.tanhao.me/pieces/1515.html/
http://dongaxis.github.io/
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/

add macOS浏览器相关的文章
https://blog.ret2.io/

(3) IOS安全优秀GitHub
Contains all example codes for O’Reilly’s iOS 9 Swift Programming Cookbook
https://github.com/vandadnp/iOS-9-Swift-Programming-Cookbook
XCodeGhost清除脚本
https://github.com/pandazheng/XCodeGhost-Clean
Apple OS X ROOT提权API后门
https://github.com/tihmstar/rootpipe_exploit
Effortless and universal SSL pinning for iOS and OS X
https://github.com/datatheorem/TrustKit
Patch PE, ELF, Mach-O binaries with shellcode
https://github.com/secretsquirrel/the-backdoor-factory
iReSign allows iDevice app bundles (.ipa) files to be signed or resigned with a digital certificate from Apple for distribution
https://github.com/maciekish/iReSign
A Mach-O Load Command deobfuscator
https://github.com/x43x61x69/Mach-O-Prettifier
Dylib插入Mach-O文件
https://github.com/Tyilo/insert_dylib
dylib injector for mach-o binaries
https://github.com/KJCracks/yololib
Fast iOS executable dumper
https://github.com/KJCracks/Clutch
Binary distribution of the libimobiledevice library for Mac OS X
https://github.com/benvium/libimobiledevice-macosx
python utilities related to dylib hijacking on OS X
https://github.com/synack/DylibHijack
OSX dylib injection
https://github.com/scen/osxinj
IOS IPA package refine and resign
https://github.com/Yonsm/iPAFine
ROP Exploitation
https://github.com/JonathanSalwan/ROPgadget
Class-dump any Mach-o file without extracting it from dyld_shared_cache
https://github.com/limneos/classdump-dyld
Scan an IPA file and parses its info.plist
https://github.com/apperian/iOS-checkIPA
A PoC Mach-O infector via library injection
https://github.com/gdbinit/osx_boubou
IOS-Headers
https://github.com/MP0w/iOS-Headers
Interprocess Code injection for Mac OS X
https://github.com/rentzsch/mach_inject
OS X Auditor is a free Mac OS X computer forensics tool
https://github.com/jipegit/OSXAuditor
remove PIE for osx
https://github.com/CarinaTT/MyRemovePIE
A TE executable format loader for IDA
https://github.com/gdbinit/TELoader
Mobile Security Framework
https://github.com/ajinabraham/Mobile-Security-Framework-MobSF
A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS
https://github.com/facebook/fishhook
OSX and iOS related security tools
https://github.com/ashishb/osx-and-ios-security-awesome
Introspy-Analyzer
https://github.com/iSECPartners/Introspy-Analyzer
Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk
https://github.com/stefanesser/dumpdecrypted
Simple Swift wrapper for Keychain that works on iOS and OS X
https://github.com/kishikawakatsumi/KeychainAccess
idb is a tool to simplify some common tasks for iOS pentesting and research
https://github.com/dmayer/idb
Pentesting apps using Parse as a backend
https://github.com/igrekde/ParseRevealer
The iOS Reverse Engineering Toolkit
https://github.com/Vhacker/iRET
XNU - Mac OS X kernel
https://github.com/opensource-apple/xnu
Code injection + payload communications for OSX
https://github.com/mhenr18/injector
iOS related code
https://github.com/samdmarshall/iOS-Internals
OSX injection tutorial: Hello World
https://github.com/arbinger/osxinj_tut
Reveal Loader dynamically loads libReveal.dylib (Reveal.app support) into iOS apps on jailbroken devices
https://github.com/heardrwt/RevealLoader
NSUserDefaults category with AES encrypt/decrypt keys and values
https://github.com/NZN/NSUserDefaults-AESEncryptor
Blackbox tool to disable SSL certificate validation
https://github.com/iSECPartners/ios-ssl-kill-switch
应用逆向工程 抽奖插件
https://github.com/iosre/iosrelottery
Untested iOS Tweak to hook OpenSSL functions
https://github.com/nabla-c0d3/iOS-hook-OpenSSL
IOS *.plist encryptor project. Protect your .plist files from jailbroken
https://github.com/FelipeFMMobile/ios-plist-encryptor
Re-codesigning tool for iOS ipa file
https://github.com/hayaq/recodesign
Scans iPhone/iPad/iPod applications for PIE flags
https://github.com/stefanesser/.ipa-PIE-Scanner
xnu local privilege escalation via cve-2015-1140 IOHIDSecurePromptClient injectStringGated heap overflow | poc||gtfo
https://github.com/kpwn/vpwn
MachOView
https://github.com/gdbinit/MachOView
A cross-platform protocol library to communicate with iOS devices
https://github.com/libimobiledevice/libimobiledevice
WireLurkerDetector
https://github.com/pandazheng/WireLurker
Released in accordance with GPL licensing
https://github.com/p0sixspwn/p0sixspwn
xnu local privilege escalation via cve-2015
https://github.com/kpwn/tpwn
A simple universal memory editor (game trainer) on OSX/iOS
https://github.com/pandazheng/HippocampHairSalon
BinaryCookieReader源码
https://github.com/pandazheng/BinaryCookieReader
Tiamo’s bootloader
https://github.com/pandazheng/macosxbootloader
incomplete ios 8.4.1 jailbreak by Kim Jong Cracks
https://github.com/pandazheng/yalu
Security Scanner for OSX
https://github.com/openscanner/XGuardian
Sample kernel extension that demonstrates how to hide from kextstat
https://github.com/rc0r/KextHider
Example Mac OS X kernel extension that resolves symbols from the running kernel image
https://github.com/snare/KernelResolver
Sample Mac OS X (Mountain Lion) kernel extension that demonstrates how to hide files by hijacking getdirentries syscalls
https://github.com/rc0r/FileHider
Sample Mac OS X (Mountain Lion) kernel extension that demonstrates how to hide a process by modifying allproc and pidhashtbl
https://github.com/rc0r/ProcessHider
The Mach-O disassembler. Now 64bit and Xcode 6 compatible
https://github.com/x43x61x69/otx
A Mach-O binary codesign remover
https://github.com/x43x61x69/codeunsign
A Mach-O Load Command deobfuscator
https://github.com/x43x61x69/Mach-O-Prettifier
Very simple keylogger for self-quantifying on Mac OS X
https://github.com/dannvix/keylogger-osx
Manage iOS devices through iTunes lib
https://github.com/xslim/mobileDeviceManager
Detects the hardware, software and display of the current iOS or Mac OS X device at runtime
https://github.com/lmirosevic/GBDeviceInfo
Python Arsenal for Reverse Engineering
http://pythonarsenal.com/
A OS X crypto ransomware PoC
https://github.com/gdbinit/gopher
Frida
https://codeshare.frida.re/
源码级调试的XNU内核 https://bbs.ichunqiu.com/thread-48301-1-1.html
Armor:一款功能强大的macOS Payload加密工具,可绕过大部分AV
https://www.freebuf.com/sectool/190620.html
使用radare2逆向iOS Swift应用程序
https://www.freebuf.com/articles/terminal/191595.html
Debugging macOS Kernel For Fun
https://geosn0w.github.io/Debugging-macOS-Kernel-For-Fun/
MacMalware_2018
https://objective-see.com/downloads/MacMalware_2018.pdf
The best of OpenSource.Apple.Com for iOS
http://newosxbook.com/tools/iOSBinaries.html
FortiAppMonitor:用于监控macOS上的系统活动的强大工具
https://www.freebuf.com/sectool/193258.html

Samples
https://objective-see.com/malware.html#resources

(4) IOS安全优秀书籍
《Hacking and Securing iOS Applications》
《Mac OS X and iOS Internals:To the Apple’s Core》
《OS X and iOS Kernel Programming》
《OS X ABI Mach-O File Format》
《The Mac Hacker’s Handbook》
《Mac OS X Interals:A Systems Approach》
《黑客攻防技术宝典-IOS实战篇》
《IOS应用安全攻防实战》
《IOS应用逆向工程》
《IOS取证实战》
《安全技术大系:IOS取证分析》

(5) IOS安全Twitter
https://twitter.com/Technologeeks
https://twitter.com/osxreverser
https://twitter.com/Morpheus______
https://github.com/bazad

ipsw ios10 ipsw

https://ipsw.me/all
https://www.alliphone.com
https://www.theiphonewiki.com/wiki/Firmware_Keys
http://pastebin.com/FRMfanmT https://www.reddit.com/r/jailbreak/comments/4nyz1p/discussion_decrypted_kernel_cache_ios_10/d48cgd7 https://www.nowsecure.com/blog/2014/04/14/ios-kernel-reversing-step-by-step/
http://www.iphonehacks.com/download-iphone-ios-firmware

Mac下的一些软件
http://sqwarq.com/detectx/

Mac下的安全软件
https://objective-see.com/products.html

好的资料:
https://github.com/pandazheng/IosHackStudy

tangsilian
关注
  • 0
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Mac OS X 隐藏进程相关资料
chuanyituoku的专栏
05-13 1603
http://forensic.n0fate.com/wp-content/uploads/2012/12/Hunting-Mac-OS-X-rootkit-with-Memory-Forensics.pdf
iOS_Security_Guide
11-24
iOS Security Guide iOS 8.3 or later April 2015 ------------------------------------------------------------
地表最强:iOS安全黑宝书中文版来袭
博文视点(北京)官方博客
08-19 796
iOSmacOS的系统原理与逆向基础,以及由此展开的漏洞分析挖掘与恶意代码分析检测,一直是安全技术里一个独特有魅力的领域,也是一个值得投入的领域。 不得不提,Jonathan Levin的中文版新书来了!这次是《最强iOSmacOS安全宝典》。 也就是*OS Internals, Volumn III这本书。 书名明显是致敬大名鼎鼎的Windows Internals系列,中规中矩的译法应该是《深入理解OS操作系统》,在Jonathan Levin《Android Internals, Volume
iOS_Security_Guide(安全保护).pdf
09-16
ios手机的安全机制的详细描述,对ios手机的安全机制的详细描述,对ios手机的安全机制的详细描述
iOS_Security_Guide-苹果安全白皮书
12-25
iOS_Security_Guide-2015-9
CoronaTracker:适用于iOSmacOS的带有地图和图表的Coronavirus跟踪器应用程序
01-31
遵循苹果的严格隐私政策,"CoronaTracker"在收集和处理用户数据时,很可能注重用户的隐私保护,不收集不必要的个人信息,确保用户数据的安全。 7. **推送通知与提醒**: 为了提醒用户最新的疫情变化,应用可能会...
iOS学习进程中的demo汇总.zip
最新发布
03-06
它包含了Swift编程语言、iOS平台以及macOS平台的相关知识。 Swift是Apple为iOSmacOS、watchOS和tvOS开发的应用程序的主要编程语言。它以其简洁、安全和高性能而闻名。Swift结合了C和Objective-C的优点,同时去除...
iOS 15.3 Xcode 开发包
02-21
Xcode集成了Swift编程语言的最新版本,Swift是一种快速、安全、互动性强的编程语言,被广泛用于iOS、iPadOS、macOS、watchOS和tvOS应用的开发。在Xcode中,开发者可以利用Swift的强大功能,编写出高效、可维护的代码...
iOS Xcode 15.2真机测试包
03-10
iOS开发过程中,Xcode是Apple官方提供的集成开发环境(IDE),它包含了编写、调试以及发布iOSmacOS应用程序所需的所有工具。Xcode 15.2是该软件的一个特定版本,提供了对最新iOS功能和技术的支持。在这个"iOS ...
ios 开发学习文档资料.zip
08-06
iOS开发学习文档资料》是一份综合性的学习资源,涵盖了从入门到进阶的iOS开发知识,特别关注Swift编程语言的使用。这份压缩包包含了两本高质量的PDF电子书籍,分别是"intermediate-ios10-swift.pdf"和"Swift iOS...
iOS安全保护介绍中文版官方iOS_Security_Guide
11-14
ios安全白皮书(中文版)
iOS-checkIPA 》ipa 文件信息检查工具
03-08
项目地址:https://github.com/Github-Benjamin/iOS-checkIPA 项目简介: 该工具为解决iOS日常测试时会检查ipa文件信息但又苦于没有mac的痛,遂开发一款小工具神器解决此痛点。 Java开发GUI工具获取ipa文件信息,类似于Windows下apkhelper查看Android APK文件信息。 操作环境与使用方法介绍: 1、环境要求:Java JDK1.7及以上 2、使用方法:桌面双击启动 或命令行启动 benjamin> java -jar /iOS-checkIPA.jar 3、GUI界面启动后,点击获取IPA信息弹出文件选择弹窗选择待检查的ipa文件信息,点击确认即可 4、读取ipa文件信息如:名称、包名、版本号、内部版本号、最小支持版本、证书有效期、文件路径、大小、md5等信息 IPA文件获取展示信息 CFBundleIconFiles icon CFBundleName | name CFBundleIdentifier | packge CFBundleShortVersionString | versionName CFBundleVersion | versionCode MinimumOSVersion | Min.SDK 证书MD5 | 目前缺失 文件信息: 文件名路径 MD5 大小 签名信息:embedded.mobileprovision Name | string | iOS Team Inhouse Provisioning Profile: ...... AppIDName | string | XC com ....... UUID | string | c8ec03ca-3f5e-.......... TeamName | string | Chengdu ....... CreationDate | date 无需要该信息 | 2018-04-28T06:52:43Z ExpirationDate | date | 2018-12-15T04:23:56Z
MacOS and iOS Internals, Volume IIIAppendixA全.pdf
09-06
MacOS and iOS Internals, Volume IIIAppendixA全.pdf
MACOS软件安全与逆向分析_14295173.pdf
06-23
MACOS软件安全与逆向分析_14295173
新书推荐:最强 iOS 安全黑宝书
寻找改变未来的算法
08-26 438
iOSmacOS的系统原理与逆向基础,以及由此展开的漏洞分析挖掘与恶意代码分析检测,一直是安全技术里一个独特有魅力的领域,也是一个值得投入的领域。不得不提,Jonathan Levin的...
每日一书丨地表最强:iOS安全黑宝书中文版来袭
Piotr_ce的博客
01-25 604
由于苹果公司的*OS操作系统是个闭源系统,所以在讲述相关主题时,是离不开软件逆向工程的。随手翻翻这本书,就能发现其中有大量的IDA截图。在拜读样书的时候,我也发现书中展示了许多逆向工程分析技巧,即便脱离*OS操作系统,仅掌握这些技巧本身也是非常有益的。更何况在本书的官网上还有大量的工具和资源,能帮助我们快速提高对*OS操作系统的认识。
IOS安全编码指南 Secure Coding Guide -- 01 Introduction 下
静静燃烧的雪的专栏
06-10 947
IOS安全编码指南 Secure Coding Guide -- 01 Introduction 下 No Platform Is Immune         platform |ˈplætfɔːm| noun 舞台         immune |ɪˈmjuːn| adjective 有免疫力的     So far, OS X has not fallen pr
iOS Security汇总
4lwin博客
06-26 1471
iOS应用逆向工程 知乎专栏: iOS安全开发者眼中的越狱iPhone安全iOS安全开发防护摘要 Reveal查看任意app的高级技巧 书籍推荐: 《iOS应用逆向工程:分析与实战》 iOS越狱程序开发 工具篇 构建和部署 Your First Tweak 总结 使用Theos做一个简单的Mobile Su
探索iOS/MacOS的Mach-O文件格式权威文档
Mach-O 文件格式是苹果公司(Apple Inc.)为 iOSmacOS 操作系统设计的一种可执行文件格式,该格式主要用于支持 Mac OS X(现称 macOS)应用程序的运行和部署。这份文档,名为 "Mach-O File Format",最初是 ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值