Needle - Black Hat Arsenal USA 2017

Needle - Black Hat Arsenal USA 2017

I delivered a talk based on this presentation at Black Hat Arsenal USA 2017 ( in Las Vegas (July 27th, 2017).


Marco Lancini

July 27, 2017


  1. 2.

    What is Needle? Black Hat Arsenal USA A tool for

    auditing iOS Application Security An open source, modular framework •streamline the entire process •acts as a central hub Not a vuln scanner •knowledge (and intuition) of the tester is still required
  2. 3.

    Motivation Beginners: easy to use Professionals: save time during assessments

    Developers: quickly test their products Black Hat Arsenal USA
  3. 8.

    + The framework core exposes APIs to interact with the

    local and remote OS + These wraps common functionalities • file and data access • command execution • networking + Speed-up creation of new modules API Black Hat Arsenal USA
  4. 11.

    Currently Supported Modules Black Hat Arsenal USA Binary Storage Dynamic

    Analysis Hooking / Instrumentation Network Communications Static Analysis
  5. 16.
  6. 17.

    Roadmap Black Hat Arsenal USA •Replace all the dependencies Agent

    to deploy on device Support for non-jailbroken devices •Substrate integration •WebView scanner •Hook Swift methods •URI handlers fuzzer •Obfuscation detection New modules … community based