# 8. iOS Lab Setup

> ❗ A MacOS device is required for the lab setup and pentesting, while whenever feasible, both static and dynamic analyses in the course will be conducted using the [Kali VM](https://blog.syselement.com/tcm/courses/mapt/3-android-lab).

Open Mac App Store and install [Xcode](https://developer.apple.com/documentation/xcode)

![](https://1178537843-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2KUxfxUFmy000PDT7MtM%2Fuploads%2Fgit-blob-ee8a295083c5cec453de15509f64771ee3e9b751%2F2024-02-24_20-00-26_419.png?alt=media)

With the Xcode project, source code can be analyzed

* Xcode Simulator can be used to run the app

Create an [Apple Developer](https://developer.apple.com/programs/) account and **configure it in Xcode Accounts to manage certificates for app signing**

Tools such as [AnyTrans](https://www.imobie.com/anytrans/) or [iMazing](https://imazing.com/) (suggested) can be used to pull apps from the App Store and export `.ipa` apps

![iMazing](https://1178537843-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2KUxfxUFmy000PDT7MtM%2Fuploads%2Fgit-blob-7b31c1bcb254978570d40d52b387e8beedc933f7%2F2024-02-24_20-12-01_420.png?alt=media)

Homebrew is necessary to install some MacOS based tools

* **Install** [**Homebrew**](https://brew.sh/) **in Linux**

```bash
sudo apt install -y build-essential procps curl file git

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

test -d ~/.linuxbrew && eval "$(~/.linuxbrew/bin/brew shellenv)"
test -d /home/linuxbrew/.linuxbrew && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> ~/.zshrc
```

* [IPATool](https://github.com/majd/ipatool) - *Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store*

```bash
brew tap majd/repo
brew install ipatool

ipatool auth login -e <appleid_email>
ipatool search <Keyword>
ipatool download --bundle-identifier <bundleIDFromSearchCommand>
# .ipa is downloaded
```

Paid emulator tools

* [Corellium Virtual Hardware](https://www.corellium.com/)
* [Appetize.io](https://appetize.io/)

***