《iOS安全测试与安全研究》

本项目是记录自己在学习iOS安全过程中遇到的优秀内容，包括优秀的项目代码或研究成果等。打破iOS的安全壁垒，直至封神！向伟大的乔布斯致敬！作者：0e0w

本项目创建于2021年7月17日，最近的一次更新时间为2023年10月11日。

• 01-iOS安全资源
• 02-iOS安全测试
• 03-iOS安全研究
• 04-iOS安全工具
• 05-iOS开发基础
• 06-iOS代码审计
• 07-iOS病毒分析
• 08-iOS安全产品

01-iOS安全资源

一、iOS安全书籍

• 《iOS安全测试与安全研究》@0e0w
• 《iOS应用安全攻防实战》@肖梓航译
• 《iOS应用逆向工程》@沙梓社
• 《最强iOS和macOS安全宝典》@蒸米译
• 《iOS应用逆向与安全之道》@罗巍
• 《iOS黑客攻防秘籍》@陈德
• 《九阴真经 iOS黑客攻防秘籍》@陈德
• 《iOS应用安全攻防》@扎德尔斯基
• 《iOS应用安全权威指南》@程伟译
• 《黑客攻防技术宝典-iOS实战篇》
• 《iOS测试指南》@芈峮
• 《大话移动APP测试：Android与 iOS应用测试指南》@陈晔
• 《iOS冰与火之歌系列》@蒸米
• 《iOS安全与防护》@crifan
• 《安全技术大系：iOS取证分析》
• 《iOS取证实战》
• 《Hacking and Securing iOS Applications》
• 《Mac OS X and iOS Internals:To the Apple’s Core》
• 《OS X and iOS Kernel Programming》
• 《OS X ABI Mach-O File Format》
• 《The Mac Hacker’s Handbook》
• 《Mac OS X Interals:A Systems Approach》

二、iOS视频课程

• https://www.uuid2.com/22640.html

三、iOS培训演讲

四、iOS专利文献

五、iOS国家标准

六、iOS论坛版块

• http://nianxi.net
• https://iosre.com
• https://www.chinapyg.com
• https://bbs.pediy.com

七、iOS其他资源

• https://github.com/silence0201/iOS-Reverse
• https://github.com/silence0201/iOS-Category
• https://github.com/0xmachos/iOS-Security-Guides
• https://github.com/pandazheng/IosHackStudy
• https://github.com/AloneMonkey/iOSREBook
• https://github.com/pandazheng/IOSCodes
• https://github.com/wufawei/iossecurity
• https://github.com/satan1a/awesome-ios-security-cn
• https://github.com/r0ysue/OSG-TranslationTeam
• https://github.com/tianjifou/iOS-security-attack-and-prevent
• https://github.com/LZRight123/GuardApp
• https://github.com/SmileZXLee/ZXHookDetection
• https://github.com/kingly09/KYSecurityDefense
• https://github.com/iskf/IOSSecurity
• https://github.com/JxbSir/WeChatHistory
• https://github.com/krystal1110/iOS-Security
• https://github.com/liukaiyi54/iOS-Security-Translate
• https://github.com/dreamchen/EUExMISP
• https://github.com/qimiKond/OSX_iOS_HackResourceList
• https://github.com/securing/IOSSecuritySuite
• https://github.com/aquynh/iVM
• https://github.com/blinksh/blink
• https://github.com/ChiChou/grapefruit
• https://github.com/chaitin/passionfruit
• https://github.com/Siguza/ios-resources
• https://tttang.com/archive/1381
• https://github.com/XLsn0w/Cydia
• https://github.com/psychsecurity/iOS-Pentesting
• https://github.com/Snifer/Pentesting-Mobile
• https://github.com/allyomalley/pentest_scripts
• https://github.com/xebia/mobilehacktools
• https://github.com/cnmsec/MpaasPentestTool
• https://github.com/dmayer/idb
• https://github.com/RickeyBoy/Rickey-iOS-Notes
• https://github.com/MobSF/Mobile-Security-Framework-MobSF
• https://github.com/vaib25vicky/awesome-mobile-security
• https://github.com/Cy-clon3/awesome-ios-security
• https://github.com/Naville/WTFJH
• https://github.com/MTJailed/iOS-Security-Papers
• https://github.com/Swordfish-Security/awesome-ios-security
• https://github.com/ender01/iOS-application-security
• https://github.com/vadim-a-yegorov/iOS-Internals-and-Security-Testing
• https://github.com/harleo/iOSPriSec
• https://github.com/sahad-mk/Fireprint
• https://github.com/chrizel/iOS-Security-and-Privacy-Guide
• https://github.com/NotSoEthical/iOS-Security-Research
• https://github.com/DamianMarkowski/ios-security
• https://github.com/yevh/iOS-Security-Scanners
• https://github.com/paulveillard/cybersecurity-macOS-iOS-security
• https://github.com/cyhe/iOSSecurity-Attack
• https://github.com/LZRight123/GuardApp
• https://github.com/wrlu/SecMobile
• https://github.com/sqlsec/MobileSecurity
• https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
• https://github.com/geeksniper/mobile-app-penetration-testing
• https://github.com/secmobi/wiki.secmobi.com
• https://github.com/project-imas
• https://github.com/iSECPartners
• IOS APP渗透测试漏洞汇总-工具环境和漏洞列表
• https://tttang.com/sort/ios
• https://github.com/ac0d3r/ios
• https://github.com/togettoyou/ipashare
• https://github.com/luoxuhai/Alock

02-iOS安全测试

一、测试项目汇总

二、公司测试文档

• 绿盟iOS安全测试指南
• 奇安信iOS安全测试指南
• 知道创宇iOS安全测试指南
• 平安科技iOS应用漏洞Wiki
• https://github.com/OWASP/owasp-mastg

三、测试文档资源

• https://www.yuque.com/ashineboy/rg8xcr/nromer

03-iOS安全研究

• https://github.com/Dioq/ReverseOC
• https://github.com/yahibo/iOSReverse

iOS安全第一步，越狱研究！

一、越狱研究

• checkra1n
• Fugu
• h3lix
• Taurine
• Fugu15
• https://github.com/palera1n/palera1n

二、安全机制

三、代码混淆

• https://github.com/netyouli/WHC_ConfuseSoftware
• https://github.com/2621532542/iOS_NQConfuseTool

四、逆向分析

• https://github.com/ivRodriguezCA/RE-iOS-Apps
• https://github.com/TinToSer/ios-RCE-Vulnerability
• https://github.com/MTJailed/FWLR

五、其他工具

• https://github.com/PigPRS/SafeSwiftDemo

04-iOS安全工具

• https://github.com/frida/frida
• https://github.com/S3Jensen/iRET
• https://github.com/ansjdnakjdnajkd/iOS
• https://github.com/WithSecureLabs/needle
• https://github.com/sensepost/objection
• https://github.com/noobpk/frida-ios-hook
• https://github.com/Lojii/Knot | 一款iOS端基于MITM的抓包工具 | 1.3k
• https://github.com/gofmt/iOSSniffer
• https://github.com/Urinx/iOSAppHook
• https://github.com/gofmt/itool
• https://github.com/majd/ipatool | ipa下载工具 | 2.9k
• https://github.com/Hacktivation/iOS-Hacktivation-Toolkit
• https://github.com/hughkli/Lookin
• https://appsec-labs.com/inalyzer
• https://github.com/ashishb/osx-and-ios-security-awesome
• https://github.com/Dado1513/awesome-iOS-security-tools
• https://github.com/iSECPartners/Introspy-iOS
• https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
• https://github.com/kai5263499/osx-security-awesome
• https://github.com/alibaba/iOSSecAudit
• https://github.com/Soulghost/iblessing
• https://github.com/aktsk/ipautil
• https://github.com/aktsk/ipa-medit
• https://github.com/Alsan/ipapk-server
• https://github.com/guanchaoguo/AppDistribution
• https://github.com/bzon/gota
• https://github.com/toshi0383/ipanema
• https://github.com/aadog/fd
• https://github.com/ChiChou/bagbak
• https://github.com/enmity-mod/patcher
• https://github.com/bl-core-vitals/appdiff
• https://github.com/hcninja/ipanema
• https://github.com/OuterCloud/HelloIPA
• https://github.com/gotokatsuya/ipare
• https://github.com/follyxing/appfile-info
• https://github.com/CrackerCat/iOSBox
• https://github.com/SonicCloudOrg/sonic-ios-bridge
• https://github.com/blacktop/ipsw
• https://github.com/bitrise-io/codesigndoc
• https://github.com/c0618/iOSSniffer | iOS抓包工具 | 3
• https://github.com/SignTools/SignTools
• https://github.com/iineva/ipa-server
• https://github.com/fengjixuchui/iOSTracer
• https://github.com/steeve/itool
• https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
• https://github.com/nettitude/scrounger
• https://www.i-funbox.com/zh-cn/index.html
• https://github.com/Soulghost/iblessing
• https://github.com/dmayer/idb
• https://github.com/seemoo-lab/toothpicker
• https://github.com/BishopFox/bfinject
• https://github.com/KJCracks/Clutch
• https://github.com/nygard/class-dump
• https://github.com/AloneMonkey/frida-ios-dump
• https://github.com/BishopFox/iSpy
• https://github.com/atomicbird/momdec
• https://github.com/autopear/ipainstaller
• https://github.com/dengbin9009/DecryptApp
• https://github.com/re-signing/resign
• https://project-imas.github.io

05-iOS开发基础

06-iOS代码审计

• https://github.com/felixgr/secure-ios-app-dev
• https://github.com/insidersec/insider
• https://github.com/realm/SwiftLint

07-iOS病毒分析

一、漏洞程序

• https://github.com/prateek147/DVIA
• https://github.com/prateek147/DVIA-v2
• https://github.com/GeoSn0w/Myriam
• https://github.com/GeoSn0w/iSecureOS
• https://github.com/OWASP/igoat
• https://github.com/WaTF-Team/WaTF-Bank
• https://github.com/IdanBanani/iOS-Vulnerability-Research
• https://github.com/oversecured/OversecuredVulnerableiOSApp

二、演示项目

• https://github.com/everettjf/Yolo

08-iOS安全产品

• https://www.v2ex.com/t/488679
• https://www.ijiami.cn/iosProtect
• https://sec.xiaodun.com/product/ios
• https://www.kiwisec.com/product/ios-encrypt.html
• https://www.dingxiang-inc.com/business/ios
• https://360.net/product-center/360-mobile-security/ios
• https://docs.aiot.virbox.com/how-to-use/iosprotection
• https://www.nagain.com/#/produCtenter/securityReinforce/ios
• https://www.secidea.com/mars.html
• https://www.bangcle.com/pages/cat_id/94.html

09-iOS安全老师

此处排名不分先后，向自己在学习iOS安全过程中遇到的每一位优秀老师致敬。感谢感谢！

• https://github.com/iOSSecurity
• 念茜
• 蒸米
• 唐巧