In this article, I tried to give an overview of which iOS app security scanners exist on the market, what capabilities they provide, and what vulnerabilities they can discover. Given that new solutions and vulnerable applications often appear on the market, this article will be updated further. A separate article will be created for Android app security scanners.
Structure:
- Introduction
- Vulnerable applications
- iOS Security scanner solutions list
- Are iOS Security scanner solutions free?
- Solutions Plans
- Results of scanning vulnerable iOS apps with existing solutions
- Advantages and disadvantages
- Conclusion
Introduction
Some time ago, I found that there are many solutions on the market, but there is no comparison of how good they are and what security issues they can discover. I hope that after reading this article you will be able to decide which solution is best for you.
Vulnerable applications
I took the following vulnerable iOS applications:
1) DVIA-v2
2) iGoat-Swift
Note: A comparison of real production applications where the vulnerabilities were found and confirmed by manual investigation would be better, but this is not possible for several reasons.
iOS Security scanner solutions list
Are iOS Security scanner solutions free?
Solutions Plans
Open Source ;)
Scanning vulnerable iOS apps with existing solutions
DVIAv2 vulnerable application
Ostorlab full paid scan results for DVIAv2
Findings overview
How does it look in the application?
PDF report: Unfortunately not available.
Oversecured full paid scan results for DVIAv2
Findings overview
How does it look in the application?
PDF report: https://github.com/yevh/iOS-Security-Scanners/blob/main/iOS-Oversecured-DVIA-v2.pdf
Immuniweb community edition scan for DVIAv2
Findings overview
How does it look in the application?
PDF report: https://github.com/yevh/iOS-Security-Scanners/blob/main/iOS-ImmuniWeb-DVIA-v2.pdf
Quixxi full paid scan for DVIAv2
Findings overview
How does it look in the application?
PDF report: Unfortunately not available.
MobSF full scan for DVIAv2
Findings overview
How does it look in the application?
PDF report: https://github.com/yevh/iOS-Security-Scanners/blob/main/iOS-mobSF-DVIA-v2.pdf
iGoat-Swift vulnerable application
Ostorlab full paid scan results for iGoat-Swift
Findings overview
How does it look in the application?
PDF report: Unfortunately not available.
Oversecured full paid scan results for iGoat-Swift
Findings overview
How does it look in the application?
PDF report: https://github.com/yevh/iOS-Security-Scanners/blob/main/Oversecured_iGoat-Swift.pdf
Immuniweb community edition scan for iGoat-Swift
Findings overview
How does it look in the application?
PDF report: https://github.com/yevh/iOS-Security-Scanners/blob/main/iOS-ImmuniWeb-iGoat.pdf
Quixxi full paid scan for iGoat-Swift
Findings overview
How does it look in the application?
PDF report: Unfortunately not available.
MobSF full scan for iGoat-Swift
Findings overview
How does it look in the application?
PDF report: https://github.com/yevh/iOS-Security-Scanners/blob/main/iOS-mobSF-iGoat-Swift.pdf
Advantages and disadvantages
Note: The advantages and disadvantages were determined by comparing the solutions to each other. It is clear that some security issues were not detected, and false positives were present.
Conclusion
Of course, security scanners cannot replace manual investigation, but sometimes you still want to run a quick scan and get something back as an initial step. If you are looking for a free-only solution, you can choose between MobSF, Ostorlab Community Edition and ImmuniWeb Mobile Community Edition. If we speak about paid scanners, I recommend choosing between Ostorlab and Oversecured.
Read more
Implementing Application Security on your project
DevSecOps — What Security Controls exist and when to implement them?
Follow me and stay secure!