awesome-apple-security
github.com/blacksquirrelz/awesome-apple-security ↗Curated list of tools, techniques and resources related to Apple Security (macOS, iOS, iPadOS, tvOS, watchOS) aimed to help people with an interest in Apple related security topics to get a hold in this field, and for professionals to discover / explore other resources.
Use this list with your AI agent
Add the Context Awesome MCP server to Claude, Cursor, or any MCP client, then ask:
"Show me static analysis tools resources from awesome-apple-security"
Installation instructions →What's inside
Tools
- 3uToolsStatic Analysis Tools
An All-in-One management software for iOS devices.
- aahDynamic Analysis Tools
Run iOS arm64 binaries on x86_64 macOS, with varying degrees of success.
- AltStoreReverse Engineering Tools
Allows to sideload other apps (.ipa files) onto iOS device.
- bagbakReverse Engineering Tools
Yet another frida based App decryptor. Requires jailbroken iOS device and frida.re.
- bfdecryptReverse Engineering Tools
Utility to decrypt App Store apps on jailbroken iOS 11.x.
- bfinjectReverse Engineering Tools
Easy dylib injection for jailbroken 64-bit iOS 11.0 - 11.1.2. Compatible with Electra and LiberiOS jailbreaks.
People
- Alexis Brignoni
X - DFIR Researcher, iLEAPP Developer.
- Cedric Owens
X - macOS Security Researcher and Purple Teamer.
- Cody Thomas
GitHub - Developer of Mythic C2.
- Csaba Fitzl
X - Hungarian Researcher specialized on macOS Security.
- M4shl3
hackmd.io - Digital Forensics Investigator.
- Patrick Wardle
X - Founder of Objective-see, and Security Researcher.
Apple Guidance
- Apple File System
Documentation on the filesystem.
- Apple Platform Security
Apple Information on Platform Security.
- Apple Security Bounty
Apple's Bug Bounty Program information.
- Developers Documentation
Developer Documentation for reference.
- Report Vulnerabilities
In case you want to submit a vulnerability to Apple.
- Security Documentation
Security Documentation of Apple Products.
Persistence
- Apple Persistence Mechanisms
Persistence Mechanisms.
- Knockknock
Displays persistence items in macOS.
- Persistence Samples
Collection of persistence methods and samples used.
- PersistentJXA
Collection of macOS persistence methods in JXA.
Forensics
- AuditorAcquisition and Evidence Collection
Deprecated macOS DFIR tool for older systems.
- Cellebrite Digital Collector (Former Macquisition)Acquisition and Evidence Collection
Commercial Tooling for Acquisition of macOS Forensic Images.
- CollectorAcquisition and Evidence Collection
macOS offshoot for live response.
- mac_aptAcquisition and Evidence Collection
Plugin based forensics framework for quick mac triage that works on live machines, disk images or individual artifact files.
- The ESF PlaygroundAcquisition and Evidence Collection
A tool to view the events in Apple Endpoint Security Framework (ESF) in real time.
Blogs
- Cedric Owens Medium Blog
Cedric Owens Blog on macOS Security.
- Mac4n6
Mac Forensics.
- Mac Security Blog
Generic Blog on macOS Security.
- Mandiant
Mandiant macOS Articles.
- Objective-See by Patrick Wardle
Patrick Wardle's Website.
- Scripting OSX!
macOS Admin related Blog.
Videos
- Curated YouTube Playlist
Curated YouTube playlist with macOS/iOS Security Topics.
Books and Magazines
- eForensics Magazine
Magazine for (macOS) Forensics.
- Hacking and Securing iOS Applications
By Jonathan Zdziarski.
- iOS Application Security: The Definitive Guide for Hackers and Developers
By David Thiel.
- iOS Forensics for Investigators
iOS Forensics Book.
- iOS Hacker's Handbook
By Charlie Miller.
- iOS Hacking Guide
By Security Innovation.
Showing a sample of 138 resources. View the full list on GitHub →