re-ios
Provides tools for analyzing iOS app bundles (IPA), including metadata extraction, static analysis of Mach-O binaries (Objective-C class dump, Swift symbol demangling, linked frameworks, FairPlay DRM detection), dynamic instrumentation via Frida (IAP interception, network capture, runtime class enumeration), and FairPlay DRM decryption.
Supports Swift symbol demangling as part of Mach-O static analysis to reveal demangled Swift symbols from iOS binaries.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@re-iosrun full analysis on ./target.ipa"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
re-ios v0.2.0
MCP server for iOS reverse engineering: static analysis + Frida dynamic instrumentation.
What it does:
Parse IPA /
.appbundles — metadata, entitlements, URL schemes, encryption statusStatically analyze Mach-O binaries — ObjC class dump, Swift symbol demangling, linked frameworks, archs, FairPlay DRM detection
Manage Frida devices — list USB/local/remote, enumerate processes, spawn/kill apps
Inject dynamic hooks — IAP (StoreKit) interception, NSURLSession network capture, runtime ObjC enumeration
Decrypt FairPlay DRM — orchestrate frida-ios-dump for decrypted IPA extraction
Full analysis pipeline — combine all of the above into a single comprehensive report
Tools (27 total)
Category | Tools |
System |
|
IPA |
|
Mach-O Static |
|
Frida Device |
|
Dynamic Hooks |
|
Decryption |
|
Pipeline |
|
Related MCP server: PCM
Installation
pip install -e .
re-iosRegister in .mcp.json:
{
"mcpServers": {
"re-ios": {
"command": "re-ios"
}
}
}Requirements
macOS (for native Mach-O toolchain:
otool,nm,lipo,strings,file,codesign)Python 3.11+
Frida (optional, for dynamic analysis):
pip install fridafrida-ios-dump (optional, for FairPlay decryption)
class-dump (optional, for deeper ObjC analysis)
Quick Start
# Static IPA analysis
echo '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"parse_ipa_tool","arguments":{"path":"./target.ipa"}}}' | re-ios
# Check binary encryption
echo '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"check_macho_encryption","arguments":{"path":"./executable"}}}' | re-ios
# Full static pipeline
echo '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"full_static_analysis","arguments":{"path":"./target.ipa"}}}' | re-iosProject Structure
src/re_ios/
├── server.py # FastMCP app (27 tools)
├── models.py # Pydantic models
├── errors.py # Exception hierarchy
├── logger.py # Logging
├── macho/parser.py # Mach-O static analysis
├── frida/
│ ├── device.py # Device/process management
│ ├── session.py # Script injection & RPC
│ └── scripts/ # Frida JS injection scripts
│ ├── enumerate_classes.js
│ ├── dump_ipa.js
│ ├── hook_iap.js
│ └── hook_network.js
├── ipa/
│ ├── unpack.py # IPA parse & extract
│ └── decrypt.py # FairPlay decryption
└── analysis/
├── static.py # Report generation
└── dynamic.py # Dynamic analysis orchestrationExamples
Static analysis of Mach-O
analyze_macho_objc(path="./MyApp")
analyze_swift_symbols(path="./MyApp", max_symbols=100)
analyze_linked_frameworks(path="./MyApp")Dynamic IAP hook
dynamic_hook_iap(target="com.example.app", device_type="usb", duration=30)Network traffic capture
dynamic_hook_network(target="com.example.app", device_type="usb")Full decryption
decrypt_ipa(bundle_id="com.example.app", output_dir="/tmp/decrypted")Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/gyh20062008-commits/re-ios'
If you have feedback or need assistance with the MCP directory API, please join our Discord server