Snoop-it tool to assist security assessments and dynamic analysis of iOS Apps
iOS applications may contain security risk that expose user’s sensitive information to attackers. Auditing programs used on mobile devices is important to make sure that they are safe and do not contain security vulnerabilities. Snoop-it is a tool that you can consider for analyzing mobile applications and debugging the software packages. Some of the features are:
- Application monitoring looking at the file system access.
- Verify that the application is using encrypted connection with HTTPS.
- Verify if the tool have access to sensitive API on phone devices.
- Debugging the outputs.
- Tracing the analyzed application.
- Identify fake hardware (UDID, Wireless MAC, etc.)
- Identify fake location/GPS data
- Explore and force display of available ViewController
- List custom URL schemes
- List available Objective-C classes, objects and methods
- Invoke arbitrary methods at runtime
- Bypass basic jailbreak detection mechanisms
Snoop-it can be installed on iOS 6 and MobileSubstrate from Cydia. Full installation instruction is available over this link: https://code.google.com/p/snoop-it/wiki/GettingStarted