Releases: WithSecureLabs/needle

v1.3.2

13 Jul 09:01

Fixed

  • [CORE] Search PID for System Apps
  • [MODULE] Keychain extraction of data not encodable in UTF8 [from @federicodotta]

v1.3.1

22 Jun 14:43

Fixed

Removed

  • [CORE] Asyncore, replaced by regular sockets [from @floyd-fuh]

v1.3.0

07 Jun 09:52

Added

  • [CORE] Support for System Applications
  • [CORE] Global variable HIDE_SYSTEM_APPS: if set to True, only 3rd party apps will be shown
  • [MODULE] SignerIdentity included in binary/info/metadata
  • [MODULE] binary/info/provisioning_profile automatically parses the embedded certificate looking for distribution profiles
  • [MODULE] hooking/frida/script_anti-hooking-check automatically detects if the app prevents hooking

Fixed

  • [MODULE] Case sensitivity issues in device/dependency_installer [from @tghosth]

v1.2.0

22 May 13:53

Added

  • [CORE] Non-interactive mode: new command line interface (python needle-cli.py) which allows Needle to be completely scripted
  • [CORE] Version checking, to ensure the latest version of Needle is being used
  • [CORE] Add support for binary thinning
  • [MODULE] Frida Script: hook all methods of the specified class (hooking/frida/script_hook-all-methods-of-class)
  • [MODULE] Frida Script: hook a particular method of a specific class (hooking/frida/script_hook-method-of-class)

Fixed

  • [CORE] Search PID for apps with a space in their name
  • [CORE] Remove infinite loop from Retry decorator, which attempts to restore a connection with the device if it fails
  • [CORE] Metadata parsing for app extensions
  • [CORE] Re-added support on iOS for: storage/data/keychain_dump, binary/reversing/strings, binary/reversing/class_dump

v1.1.0

05 May 08:38

Added

  • [CORE] Issue Auto-Detection: modules will now automatically detect and keep track of issues in the target app.
    All the issues are going to be stored in the issues.db SQLite database, contained in the chosen output directory.
    Every issue will hold the following attributes: app, module, name, content, confidence level ('HIGH', 'MEDIUM', 'INVESTIGATE', 'INFORMATIONAL'), outfile

  • [CORE] New commands: issues (list all the issues identified), add_issue (manually add an issue to the collection)

  • [CORE] Frida Attach or Spawn: added option in Frida modules to either attach to or spawn a process

  • [CORE] New global option: skip_output_folder_check. It allows skipping the check that ensures the output folder does not already contain other files

  • [MODULE] Created the device category

  • [MODULE] Dependency Installer (device/dependency_installer)

  • [MODULE] MDM Effective User Settings (mdm/effective_user_settings) [from @osimonnet]

Fixed

  • [CORE] Moved installation of dependencies to its own module (device/dependency_installer)
  • [CORE] Frida support for 32bit devices
  • [CORE] Automatic reconnection if SSH/Agent connection drops (Retry decorator)
  • [CORE] Re-introduce support for ipainstaller (iOS<10)
  • [MODULE] Compatibility of modules requiring app decryption (iOS 10)

Removed

  • [CORE] SETUP_DEVICE global option, in favour of device/dependency_installer

v1.0.2

21 Mar 15:09

Fixed

  • [AGENT] Improved communication with the Agent
  • [AGENT] Replaced telnetlib with asyncore

v1.0.1

15 Mar 17:18

Fixed

  • Improved communication with the Agent (#138)

v1.0.0

10 Mar 09:19

Added

  • [AGENT] Released Needle Agent
  • [CORE] iOS 10 Support
  • [CORE] Overhaul of the Core
  • [CORE] Possibility to disable modules if running an incompatible version of iOS
  • [MODULE] Simple CLI Client (various/agent_client)
  • [MODULE] Frida Jailbreak Detection Bypass (dynamic/detection/script_jailbreak-detection-bypass.py) [from @HenryHoggard]
  • [MODULE] Frida Touch Id Bypass (hooking/frida/script_touch-id-bypass) [from @HenryHoggard]
  • [SUPPORT] Updated documentation

Fixed

  • [MODULE] Fix storage/data/keychain_dump_frida ACL Parsing [from @bernard-wagner]
  • [MODULE] Frida modules spawn app with Frida instead of UIOpen [from @HenryHoggard]
  • [MODULE] Frida enumerate methods performance enhancement [from @HenryHoggard]

Removed

  • [CORE] Dependencies superseded by the Needle Agent

v0.2.0

16 Feb 14:02
Compare
Choose a tag to compare

Added

  • [CORE] Preliminary support for iOS10
  • [CORE] Support for persisting command history across sessions
  • [CORE] Improved metadata parsing for extensions
  • [CORE] Improved issues recognition from metadata
  • [CORE] Improved plist parsing
  • [CORE] Star out password [from @tghosth]
  • [MODULE] Frida Script: TLS Pinning Bypass (hooking/frida/script_pinning_bypass)
  • [MODULE] Frida Script: Keychain Dumper (hooking/frida/script_dump-keychain) [from @bernard-wagner]
  • [MODULE] Frida Script: iCloud Backups (hooking/frida/script_documents-backup-attr) [from @bernard-wagner]
  • [MODULE] Frida Script: Anti Hooking Checks (hooking/frida/script_anti-hooking-check) [from @HenryHoggard]
  • [MODULE] Calculate binary checksums (binary/checksums) [from @HenryHoggard]
  • [MODULE] Retrieve application container (storage/data/container)
  • [MODULE] Strings: now also looks in the application resources (binary/strings)
  • [MODULE] Provisioning profile: Inspect the provisioning profile of the application (binary/provisioning_profile)

Fixed

  • [CORE] Modified the organization of modules into packages
  • [CORE] App metadata: creation of binary path from MobileInstallation.plist
  • [CORE] Plist wrapper using biplist
  • [CORE] Multiple plist parsing issues [from @tghosth]
  • [CORE] Paramiko hanging waiting for an EOF [from @TheBananaStand]
  • [MODULE] Frida Script: print view hierarchy (hooking/frida/script_dump-ui) [from @HenryHoggard]
  • [MODULE] Improved SQLite DB identification by reducing false positives and false negatives [from @HenryHoggard]
  • [MODULE] Editing with different editors [from @tghosth]
  • [MODULE] Clean storage does not need to require a target

Removed

  • [CORE] Unused dependencies

v0.1.1

25 Nov 22:38

Added

  • [CORE] Support for plist files in print_cmd_output
  • [CORE] move function for Remote operations
  • [CORE] Automatically install Theos
  • [CORE] Automatically install SSL Kill Switch
  • [CORE] Add validate_editor (core/framework/module)
  • [CORE] Parametrize module_run (core/framework/module)
  • [CORE] Centralized utility for user interaction
  • [MODULE] Theos integration (hooking/theos/theos_tweak)
  • [MODULE] List installed Tweaks (hooking/theos/list_tweaks)
  • [MODULE] Frida Script: print view hierarchy (hooking/frida/script_dump-ui)
  • [MODULE] Install Burp Proxy CA Certificate (comms/certs/install_ca_burp)
  • [MODULE] Allow using nano to edit hosts file (various/hosts) [from @tghosth]
  • [MODULE] Automatically print row counts for standard tables in Cache.db files (storage/data/files_cachedb) [from @tghosth]
  • [MODULE] Automatically print row counts for standard tables in SQL files (storage/data/files_sql) [from @tghosth]
  • [MODULE] View Server Certificate (comms/certs/view_cert) [from @tghosth]
  • [MODULE] Pull IPA: pull the binary as well as the .ipa file (binary/pull_ipa) [from @tghosth]

Fixed

  • [CORE] Sanitization of parsed plist files
  • [CORE] App metadata: show all URI handlers
  • [CORE] Invalid characters when parsing plist files
  • [CORE] Minor fixes to the Remote Operations wrapper: list_dir and cat_file
  • [MODULE] Dump entire keychain [idea from @tghosth]
  • [MODULE] storage/caching/screenshot: OS X support for rendering preview images
  • [MODULE] Error saving files in storage/data/files_* modules [from @tghosth]
  • [MODULE] Run proxy regular even without selecting a target app
  • [MODULE] File monitoring: automatically detect folder to monitor (regression)