Needle is an open source modular framework which aims to streamline the entire process of conducting security assessments of iOS applications, and acts as a central point from which to do so. Given its modular approach, Needle is easily extensible and new modules can be added in the form of python scripts. Needle is intended to be useful not only for security professionals, but also for developers looking to secure their code. A few examples of testing areas covered by Needle include: data storage, inter-process communication, network communications, static code analysis, hooking and binary protections. The only requirement in order to run Needle effectively is a jailbroken device.

1. Device Setup

Prerequisites

The only prerequisite is a Jailbroken device, with the following packages installed:

Cydia
Apt 0.7 Strict

Install the Needle Agent

Add the following repository to the Cydia Sources: http://mobiletools.mwrinfosecurity.com/cydia/
Search for NeedleAgent and install the package

If the setup process is successful, you'll find the NeedleAgent app on the home screen

2. Workstation Setup

Get a copy of Needle

git clone https://github.com/mwrlabs/needle.git

Install Dependencies

Kali

# Unix packages
sudo apt-get install python2.7 python2.7-dev sshpass sqlite3 lib32ncurses5-dev

# Python packages
sudo pip install readline paramiko sshtunnel frida mitmproxy biplist

OS X

# Core dependencies
brew install python
brew install libxml2
xcode-select --install

# Python packages
sudo -H pip install --upgrade --user readline
sudo -H pip install --upgrade --user paramiko
sudo -H pip install --upgrade --user sshtunnel
sudo -H pip install --upgrade --user frida
sudo -H pip install --upgrade --user biplist

# sshpass
brew install https://raw.githubusercontent.com/kadwanev/bigboybrew/master/Library/Formula/sshpass.rb

# mitmproxy
wget https://github.com/mitmproxy/mitmproxy/releases/download/v0.17.1/mitmproxy-0.17.1-osx.tar.gz
tar -xvzf mitmproxy-0.17.1-osx.tar.gz
sudo cp mitmproxy-0.17.1-osx/mitm* /usr/local/bin/

Github Project

Disclaimer

This website uses cookies, and also collects some information using Google Analytics. Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and www.hack4.net will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

HACK4NET 🤖 Pentest Tools and News

Needle - iOS Security Testing Framework

1. Device Setup

Prerequisites

Install the Needle Agent

2. Workstation Setup

Get a copy of Needle

Install Dependencies

Kali

OS X

Post a Comment

No comments

Search This Blog

Recommend You

Build Your Own PwnPhone

Follow Us

Random Posts

Popular Posts

Disclaimer

Popular Posts

HACK4NET 🤖 Pentest Tools and News

Needle - iOS Security Testing Framework

1. Device Setup

Prerequisites

Install the Needle Agent

2. Workstation Setup

Get a copy of Needle

Install Dependencies

Kali

OS X

Related Posts

Post a Comment

No comments

Search This Blog

Recommend You

Build Your Own PwnPhone

Follow Us

Random Posts

Popular Posts

Disclaimer

Popular Posts