April 12, 2024 | Cameron Brown
Recently, I have developed a tool for dumping pertinent .db and .sqlite files from jailbroken iOS devices for manual review. Initially, I developed the tool to automate a process I did by hand while running an iOS penetration test. Hopefully this tool can be helpful to others who frequently run iOS penetration tests.
For more information, please visit my GitHub to view the source code or to install and use the tool!
In the future, I hope to add to this tool and have it be capable of dumping all static information relating to iOS applications. This will take some time out of the arduous task of manually reviewing information stores for iOS applications. As an end goal, I very much hope to add a feature that will attempt static analysis on these files and further reduce the time needed for manual review of stored information.
For any feedback or inquiries, please feel free to contact me on GitHub or at cameron.brown@exfilsecurity.com.