Pentest & Bug Bounty Resources and Techniques
  • Pentest & Bug Bounty Resources and Techniques
    • Introduction
    • Tests Checklist
    • OSINT
    • Communications Security
      • SSL/TLS
    • Networking
      • Subdomains Discovery
        • DNS & OSINT
        • DNS Brute force
          • Second DNS Brute-Force Round
      • Subdomain Takeover
      • Network Host Scan/Discovery
        • External/Internal
        • Internal only
      • Network Vulnerability Scanning
      • Network Hacking
      • Parsing
      • Reporting
    • Brute Force
      • Wordlists
      • Databases
      • SSH
    • Web
      • Endpoint Discovery
      • Infrastructure & Configuration
        • Headers
        • WAF Detection/ Evasion
      • Injection
        • GraphQL
        • Cross-Site Scripting (XSS)
        • SQL Injection
        • Payloads
      • SSRF & XXE
        • Labs & Resources
        • Tools
        • SVG SSRF Cheatsheet
        • XXE - XEE - XML External Entity
      • JWT Vulnerabilities (Json Web Tokens)
      • HTTP/S DoS
    • Mobile
      • Both
        • SAST
          • MobSF
        • DAST
          • Installing Frida and Objection
      • Android
        • Create a Lab
          • Rooting Android Emulator
          • Rooting Android Emulator Cheat Sheet
        • APK Certificates
        • SAST
          • APKs
            • Get Information from APK
            • GDA (GJoy Dex Analysizer)
            • Scanning APK for URIs, endpoints & secrets
            • Google Maps API Scanner
        • DAST
          • Rooting the Android Studio AVDs
          • non-Rooted devices
            • Bypass SSL Pinning - non-rooted devices
              • Method 1: apk-mitm
              • Instrumentation with Frida and Objection
                • Bypass SSL Pinning - Method 2: With Objection Explore
                • Bypass SSL Pinning - Method 3: With root_bypass.js
          • Rooted Devices
            • Run frida-server in the emulator or device
            • Inject Frida
            • Bypass SSL Pinning - rooted devices
              • Install Burp CA as a system-level CA on the device
      • iOS
        • SAST
          • Building a reverse iOS engineering environment for free
          • Test Vulnerabilities
  • Lets Practice
    • Virtual Machines
    • Vulnerable App
    • Guided Labs
    • CTFs
  • Group 1
    • AI
Powered by GitBook
On this page
  • Automated Tools
  • Ipanema
  1. Pentest & Bug Bounty Resources and Techniques
  2. Mobile
  3. iOS

SAST

Reverse Engineering and Static Analysis

PreviousiOSNextBuilding a reverse iOS engineering environment for free

Last updated 3 years ago

Automated Tools

Ipanema

Ipanema is a tool for iOS ipa application security assessment.

Installation

The easiest way is to download a precompiled binary for your architecture and operating system from the releases tab.

If you want to build it by yourself follow this steps:

go get dev.hackercat.ninja/hcninja/ipanema go install dev.hackercat.ninja/hcninja/ipanema

If this doesn't work, go to the project folder and do a go get -u before go install.

Usage

The usage is easy, ipanema -ipa my.ipa, the analysis will output some useful info to stdout, and after the analysis finishes you will find all the analysis data in the temporal path created by ipanema under the folder analysisResult. This folder will contain multiple txt files with the data specified in the filename, useful to grep for info, aside of this, the whole analysis will be dumped in an analysis.json file, try to use jq to filter and search through the info.

https://dev.hackercat.ninja/hcninja/ipanemadev.hackercat.ninja
Sample usage and output