Snoop-IT runs only on the 32-bit architecture. This has significantly limited the tool to be utilized in latest mobile phones. However, a majority of the tasks that we performed manually in the preceding sections can be performed by this single tool. The following screen capture of Snoop-it displays the filesystem during the runtime of this app.
Typically, there are three sections:
Monitoring: Monitor the filesystem, keychain, network, sensitive APIs, and common cryptography used
Analysis: This section displays all the objective-C classes, controllers, and other URL schemes
Runtime manipulation: Unlike Cycript, which we perform manually, this is just a single-click manipulation that one can perform in the GUI environment
Once we have a 64-bit version of Snoop-IT available, it will be one of the best tools to be used for any iOS app security assessment. Other tools, such as Appsec labs iNalyzer (https://github.com/appsec-labs/iNalyzer) and Veracode's iRET (https://www...