iSEC Research Labs

Here is a selection of iSEC’s most popular security tools. For a full listing, please see our main repository page.


  • Introspy-iOS Black box security profiler to help assessing the security of iOS apps.
  • ios-ssl-killswitch Black box tool to disable SSL certificate verification/pinning in iOS apps.
  • SecureNSCoder Secure state preservation for iOS.
  • SSLCertificatePinning Helper class to implement certificate pinning for SSL connections within an app.


  • Introspy-Android Black box security profiler to help assessing the security of Android apps.
  • Android-SSL-TrustKiller Cydia Substrate extension to disable SSL certificate verification/pinning in all apps.
  • Android-OpenDebug Cydia Substrate extension to make all apps debuggable.
  • femtocatcher App to prevent an Android phone from associating with femtocells.
  • Package Play Tool to examine the details of Android packages installed on a device.
  • Manifest Explorer Android Manifest file explorer for Android apps installed on a device.


  • SSLyze Fast and full-featured SSL scanner.
  • tcpprox Simple TCP proxy written in Python with SSL and IPv6 support.
  • dnsRedir Small DNS server for providing forged replies to specific domain queries.
  • TLSPretense SSL/TLS client testing framework.


  • PeachFarmer Framework to collect Peach fuzzing results from a distributed fuzzing cluster.
  • R2B2 Tools and schematics for building a PIN brute-forcing robot.
  • nano-ecc Very small ECDH and ECDSA implementation for 8-bit microcontrollers.
  • YoNTMA Laptop data protection tool for the truly paranoid.
  • YoNTMA for Mac The Mac version of YoNTMA.
  • AWS Scout2 Python client that helps assessing the security of AWS environments.