Closed sk3l10x1ng closed 1 week ago
i will work on it .
It's yours. Thanks @sk3l10x1ng!
Before you add it, could you please clarify the benefits of using that tool instead of the current approach and tools defined in
https://mas.owasp.org/MASTG/techniques/ios/MASTG-TECH-0092/#re-signing
Before you add it, could you please clarify the benefits of using that tool instead of the current approach and tools defined in
https://mas.owasp.org/MASTG/techniques/ios/MASTG-TECH-0092/#re-signing
This can be added as alternative tool , with ios-app-signer provides GUI instead of command line , and display the list provisioning profiles and signing certificates available to sign the ios app.
Thanks! I noticed that we do not have codesign as a tool. Adding it in https://github.com/OWASP/owasp-mastg/pull/2609/files
Maybe we can add a new field in the main tool that we use, in this case codesign (MASTG-TOOL-0101.md), for keeping track of this kind of alternate tools, something like
---
...
alternatives: [MASTG-TOOL-0102]
---
assuming MASTG-TOOL-0102 is the new ID for this tool.
Add ios-app-signer to the list of iOS tools.
This is an app for OS X that can resign apps and bundle them into ipa files that are ready to be installed on an iOS device. link : https://github.com/DanTheMan827/ios-app-signer