separate android and others, add basic, android and ios tooling

[commjoen]

Assume installed (check if it is there, if not install it):

• [x] Virtualbox
• [x] Docker
• [x] python 2.7 & python 3
• [x] pip/pip3
• [x] Xcode
• [x] Android studio with an AVD

General:

• [x] MobSF (both docker container & local install)
• [x] ZAProxy
• [x] Burp
• [x] owasp dependency checker

Android:

• [x] dex2jar
• [x] apktool
• [x] jdgui & jadx
• [x] Drozer
• [x] Frida
• [x] Nathan

iOS:

• [x] Needle
• [x] Frida
• [x] Cycript
• [x] Objection
• [x] Needle
• [x] Appmon
• [x] class dump
• [x] Ida
• [x] idb

See section 0x08 of MSTG furthermore (let's improve that with more tools!!!)

• [x] separate ios from android there is even an ansible for macOS App Store https://github.com/geerlingguy/ansible-role-mas So we could actually install Xcode also via Ansible :-)

[commjoen]

Todo update: Drozer Frida Nathan

iOS: Needle Frida Cycript Objection Needle Appmon class dump Ida idb Rest: See section 0x08 of MSTG furthermore (let's improve that with more tools!!!) Think about separating code for different targets.. & add comments on what each tool does..

[commjoen]

Android: mobsf (no docker) SUPER, Qark, Androbugs iOS: Needle Cycript Objection Needle Appmon class dump idb Rest: Add comments to each tool and link to https://sushi2k.gitbooks.io/the-owasp-mobile-security-testing-guide/content/0x08-Testing-Tools.html . Next, create a list of tools that we miss based on it.

[commjoen]

iOS:

• [x] Objection: https://github.com/sensepost/objection
• [x] idb: http://www.idbtool.com/installation/

Rest:

• [ ] - Add comments to each tool and link to https://sushi2k.gitbooks.io/the-owasp-mobile-security-testing-guide/content/0x08-Testing-Tools.html .
• [ ] - Split the android and ios tooling from the generic items