✅ v0.2.0 Released!
- This project is still in very early stages, it is incompelte, unstable, and under rapid development.
- At the same time, it would be great to get feedback, feature requests, and most importantly bug reports.
- Active tickets / improvements
⚠️ macOS 10.15 Catalina - breaking change
The new version of macOS 10.15 Catalina has dropped support for 32-bit apps and while Vulnscan is 64-bit one of it's external dependencies (class-dump-z) is 32-bit. This has created a breaking change. Working now to replace this depedency with a different 64bit port. Expecting to deliver a fixed version in the coming week or so. More details can be found in this ticket.
Vulnscan is an opinionated static source code, binary, configuration, and dependency analyzer for iOS and macOS applications.
Written in Golang with smart defaults to make it highly portable and easy to use locally as part of the local development toolchain or integrated into an automated CI/CD process with few or no configuration.
How-to's and more information has been moved to the wiki.
vulnscan -h NAME: vulnscan - iOS and macOS vulnerability scanner USAGE: app [global options] command [command options] [arguments...] VERSION: 0.2.0 AUTHOR: Vulnscan Team <email@example.com> COMMANDS: binary, b search binary vulnerabilities code, c search code vulnerabilities download, d downloads the external tools used by vulnscan to work files, f lookup and clasify files lookup, l store app lookup plist, p plists scan scan, s source directory and binary file security scan virus, v performs a virus analysis using the VirusTotal API help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --help, -h show help --version, -v print the version COPYRIGHT: (c) 2019 SimplyCubed, LLC - Mozilla Public License 2.0
A special thanks to the following members. They have made a significant contribution to the development and release of Vulnscan.