GithubHelp home page GithubHelp logo

hartl3y94 / introspy-analyzer Goto Github PK

View Code? Open in Web Editor NEW

This project forked from isecpartners/introspy-analyzer

0.0 0.0 0.0 332 KB

License: GNU General Public License v2.0

Python 34.36% JavaScript 54.79% HTML 10.85%

introspy-analyzer's Introduction

Introspy-Analyzer

Introspy is a set of iOS and Android tools designed to help understand what an iOS or Android application is doing at runtime and assist in the identification of potential security issues.

This is the repository for Introspy-Analyzer, a tool to turn a database generated by Introspy-iOS or Introspy-Android into an HTML report.

For more information about Introspy-Android see: https://isecpartners.github.io/Introspy-Android/

For more information about Introspy-iOS see: https://isecpartners.github.io/Introspy-iOS/

Installation

To install Introspy-Analyzer, you can either install it as a package so it can be executed from anywhere (recommended) or just clone this repo and run it as a script.

As a package:

pip install git+https://github.com/iSECPartners/Introspy-Analyzer.git
# (From anywhere)
python -m introspy <args>

Or locally:

git clone https://github.com/iSECPartners/Introspy-Analyzer.git
python Introspy-Analyzer.introspy <args>

Generating HTML Reports

Introspy-Analyzer requires Python 2.6 or 2.7.

Introspy-iOS or Introspy-Android should first be run on the tester's device in order to collect information about the application to be reviewed. This data will be stored in a database on the device.

With Introspy-iOS

For iOS, databases can be fetched directly by Introspy-Analyzer over SSH:

python -m introspy -p ios -o output -f 192.168.1.12

With Introspy-Android

For Android, the database will first have to be manually recovered (for example using adb). Then, a report can be generated using:

python -m introspy -p android -o output introspy-android.db

Command Line Output

While the HTML formatted report is the most digestable format, Introspy-Analyzer can also be used directly from the command-line to display all recorded function calls:

python -m introspy -p ios -l introspy.db

Enumerations - iOS Only

For iOS databases, Introspy-Analyzer also allows users to enumerate various data from the list of traced calls (via --info), inlcuding a list of all of the unique URLs accessed by the application (urls) and all files accessed (files).

python -m introspy -p ios -i urls introspy.db

introspy-analyzer's People

Contributors

grazfather avatar nabla-c0d3 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.