Needle – iOS Security Testing Framework

Needle is the MWR’s iOS Security Testing Framework. It is an open source modular framework which aims to streamline the entire process of conducting security assessments of iOS applications, and acts as a central point from which to do so.

Needle is intended to be useful not only for security professionals, but also for developers looking to secure their code. A few examples of testing areas covered by Needle include: data storage, inter-process communication, network communications, static code analysis, hooking and binary protections. The only requirement in order to run Needle effectively is a jailbroken device.

Needle - iOS Security Testing Framework

Needle – iOS Security Testing Framework

Some of the features with this tool:

  • Shell access to the device
  • Command execution on the iOS
  • Loading files on the device
  • Binary Analysis
  • Data Storage Analysis with test to see if the application is violating the security requirement
  • Dynamic Analysis with several verification such as check that the app cannot be run on a jailbroken device, Dump memory regions of the app and look for strings,
  • Monitor the app data folder and keep track of modified files
  • Monitor the OS Pasteboard and dump its content
  • Monitor the syslog in background and dump its content
  • Watch the syslog in realtime
  • Hooking application calls
  • Static analysis of the apps source code

The release of version 1.0.0 provided a major overhaul of its core and the introduction of a new native agent, written entirely in Objective-C. The new NeedleAgent is an open source iOS app complementary to Needle, that allows to programmatically perform tasks natively on the device, eliminating the need for third party tools.

There are more features in the list while confirmed devices to supported are iOS 8, 9, and 10.  You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments