Introspy is a set of iOS and Android tools designed to help understand what an iOS or Android application is doing at runtime and assist in the identification of potential security issues.
This is the repository for Introspy-Analyzer, a tool to turn a database generated by Introspy-iOS or Introspy-Android into an HTML report.
For more information about Introspy-Android see: https://isecpartners.github.io/Introspy-Android/
For more information about Introspy-iOS see: https://isecpartners.github.io/Introspy-iOS/
Introspy-Analyzer requires Python 2.6 or 2.7.
Introspy-iOS or Introspy-Android should first be run on the tester's device in order to collect information about the application to be reviewed. This data will be stored in a database on the device.
For iOS, databases can be fetched directly by Introspy-Analyzer over SSH:
python introspy.py -p ios -o output -f 192.168.1.12
For Android, the database will first have to be manually recovered (for example using adb). Then, a report can be generated using:
python introspy.py -p android -o output introspy-android.db
While the HTML formatted report is the most digestable format, Introspy-Analyzer can also be used directly from the command-line to display all recorded function calls:
python introspy.py -p ios -l introspy.db
For iOS databases, Introspy-Analyzer also allows users to enumerate various data
from the list of traced calls (via --info
), inlcuding a list of all of the
unique URLs accessed by the application (urls) and all files accessed (files).
python introspy.py -p ios -i urls introspy.db