Introducing Needle

Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and syntax. The Android ecosystem has tools like “drozer” that have solved this problem and aim to be a ‘one stop shop’ for the majority of use cases, however iOS does not have an equivalent.

Needle is an open source modular framework which aims to streamline the entire process of conducting security assessments of iOS applications, and acts as a central point from which to do so. Given its modular approach, Needle is easily extensible and new modules can be added in the form of python scripts. Needle is intended to be useful not only for security professionals, but also for developers looking to secure their code. A few examples of testing areas covered by Needle include: data storage, inter-process communication, network communications, static code analysis, hooking and binary protections.​ The only requirement in order to run Needle effectively is a jailbroken device.

With the release of Needle v1.0.0, we provided a major overhaul of its core and the introduction of a new native agent, written entirely in Objective-C. The new NeedleAgent is an open source iOS app complementary to Needle, that will allow it to programmatically perform tasks natively on the device, eliminating the need for third party tools.

The agent, already available for download on Cydia, will (over time) allow Needle to:

• Provide transparent support for iOS 10 and future versions
• Remove all dependencies required now
• Provide a platform that will enable security testing on non-jailbroken devices

Get Needle

Needle is open source software maintained by MWR InfoSecurity, released under a 3-clause BSD license, and can be freely downloaded from and is available on Github.

Resources

• For instructions and tutorials on its usage, please refer to the Project Wiki.
• For news and updates, follow @mwrneedle on Twitter and the MWR Mobile Tools blog.