MASTG-TOOL-0073: radare2 (iOS)

radare2 is a complete framework for reverse-engineering and analyzing binaries. The installation instructions can be found in the GitHub repository. To learn more about radare2, you may want to read the official radare2 book.

Learn more:

Techniques

- MASTG-TECH-0070: Extracting Information from the Application Binary
- MASTG-TECH-0118: Obtaining Compiler-Provided Security Features
- MASTG-TECH-0113: Obtaining Debugging Symbols
- MASTG-TECH-0082: Get Shared Libraries

Tests

- MASTG-TEST-0209: Insufficient Key Sizes
- MASTG-TEST-0213: Use of Hardcoded Cryptographic Keys in Code
- MASTG-TEST-0214: Hardcoded Cryptographic Keys in Files
- MASTG-TEST-0210: Broken Symmetric Encryption Algorithms
- MASTG-TEST-0311: Insecure Random API Usage
- MASTG-TEST-0211: Broken Hashing Algorithms
- MASTG-TEST-0215: Sensitive Data Not Marked For Backup Exclusion
- MASTG-TEST-0303: References to APIs for Storing Unencrypted Data in Shared Storage
- MASTG-TEST-0300: References to APIs for Storing Unencrypted Data in Private Storage
- MASTG-TEST-0297: Insertion of Sensitive Data into Logs
- MASTG-TEST-0070: Testing Universal Links
- MASTG-TEST-0276: Use of the iOS General Pasteboard
- MASTG-TEST-0278: Pasteboard Contents Not Cleared After Use
- MASTG-TEST-0279: Pasteboard Contents Not Expiring
- MASTG-TEST-0280: Pasteboard Contents Not Restricted to Local Device
- MASTG-TEST-0248: References to APIs for Detecting Secure Screen Lock
- MASTG-TEST-0240: Jailbreak Detection in Code
- MASTG-TEST-0281: Undeclared Known Tracking Domains
- MASTG-TEST-0270: References to APIs Detecting Biometric Enrollment Changes
- MASTG-TEST-0266: References to APIs for Event-Bound Biometric Authentication
- MASTG-TEST-0268: References to APIs Allowing Fallback to Non-Biometric Authentication

Demos

- MASTG-DEMO-0014: Use of Hardcoded ECDSA Private Key in CryptoKit with r2
- MASTG-DEMO-0011: Uses of Insufficient Key Size in SecKeyCreateRandomKey with r2
- MASTG-DEMO-0018: Uses of Broken Encryption Algorithms in CommonCrypto with r2
- MASTG-DEMO-0016: Uses of Broken Hashing Algorithms in CryptoKit with r2
- MASTG-DEMO-0080: Uses of Broken Encryption Modes in CommonCrypto with r2
- MASTG-DEMO-0073: Uses of Insecure Random Number Generation with r2
- MASTG-DEMO-0013: Use of Hardcoded RSA Private Key in SecKeyCreateWithData with r2
- MASTG-DEMO-0015: Uses of Broken Hashing Algorithms in CommonCrypto with r2
- MASTG-DEMO-0021: Uses of Jailbreak Detection Techniques with r2
- MASTG-DEMO-0084: Hardcoded HTTP URLs in iOS Binary
- MASTG-DEMO-0086: Uses of BSD Sockets Bypassing ATS
- MASTG-DEMO-0085: Uses of Network Framework Bypassing ATS