If you have an iDevice running iOS 9.2 or 9.3.3, by now you might have realized that the latest jailbreak from Pangu comes bundled with a series of issues.
In preparation for OWASP AppSec USA 2016, today we are releasing Needle V0.0.4, with new compatibility support, new modules, and lots of bug fixes! You can grab the new version from Github.
I’ve been quite busy developing Needle for the last few months, and I was happy to release it at Black Hat Arsenal USA 2016. But what happens now?
Needle is an open source modular framework which aims to streamline the entire process of conducting security assessments of iOS applications, and acts as a central point from which to do so.
This article is going to explain how to quickly get up to speed with Needle and its usage. To get a copy of Needle, and for a detailed walktrough on how to install it (since both Kali and OSX are supported), follow the “Installation Guide” on the project’s Github Wiki.
Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and syntax. The Android ecosystem has tools like “drozer” that have solved this problem and aim to be a ‘one stop shop’ for the majority of use cases, however iOS does not have an equivalent.