re-ios
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": false
} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| check_iosB | Report server status and available capabilities. |
| parse_ipa_toolA | Parse an IPA file and extract full metadata (bundle ID, version, entitlements, frameworks, encryption status). Args: path: Path to the IPA or .app bundle |
| unpack_ipa_toolA | Extract an IPA file to a directory for further analysis. Args: path: Path to the IPA file output_dir: Optional output directory (defaults to _unpacked) |
| get_ipa_entitlementsC | Extract entitlements from an IPA file or .app bundle. Args: path: Path to IPA file or .app bundle |
| analyze_macho_objcB | Dump Objective-C classes from a Mach-O binary using static analysis (nm + strings). Args: path: Path to a Mach-O binary |
| analyze_macho_objc_deepB | Deep ObjC class dump using class-dump if available, falls back to nm+strings. Args: path: Path to a Mach-O binary |
| analyze_swift_symbolsA | Demangle Swift symbols from a Mach-O binary. Args: path: Path to a Mach-O binary max_symbols: Maximum number of symbols to demangle (default: 500) |
| analyze_linked_frameworksC | Enumerate linked frameworks and libraries from a Mach-O binary. Args: path: Path to a Mach-O binary |
| check_macho_encryptionB | Check if a Mach-O binary is encrypted (FairPlay DRM). Args: path: Path to a Mach-O binary |
| analyze_macho_archsB | List architectures in a Mach-O binary (via lipo). Args: path: Path to a Mach-O binary |
| full_static_analysisA | Run full static analysis pipeline on an IPA or Mach-O binary. Combines IPA parsing, ObjC class dump, Swift symbol demangling, linked framework enumeration, encryption check, and endpoint scanning. Args: path: Path to IPA file or Mach-O binary |
| frida_list_devicesA | List all available Frida devices (USB, local, remote). |
| frida_device_infoA | Get detailed info about a Frida device. Args: device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| frida_list_processesA | List running processes on a Frida device. Args: device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| frida_find_processA | Find a process by name, PID, or bundle identifier. Args: target: Process name, PID, or bundle ID device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| frida_spawn_appA | Spawn an iOS app by bundle ID. Args: bundle_id: Bundle identifier (e.g. com.example.app) device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| frida_resume_appA | Resume a spawned/suspended app. Args: pid: Process ID device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| frida_kill_appA | Kill a process by PID. Args: pid: Process ID device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| dynamic_enumerate_classesA | Enumerate Objective-C classes at runtime on a running iOS app. Uses Frida to enumerate all loaded ObjC classes from a running process. Args: target: Bundle ID or PID of the target app device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| dynamic_hook_iapA | Inject IAP (In-App Purchase) hook into a running iOS app. Hooks StoreKit/SKPaymentQueue methods to log purchase transactions, product requests, and receipt validation attempts. Args: target: Bundle ID or PID of the target app device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) duration: Monitoring duration in seconds (default: 30) |
| dynamic_hook_networkB | Inject network interception hook into a running iOS app. Hooks NSURLSession, CFNetwork, NSURLConnection, and WebSocket APIs to capture all network requests including URLs, headers, and body data. Args: target: Bundle ID or PID of the target app device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) duration: Monitoring duration in seconds (default: 30) |
| dynamic_check_cryptidA | Check encryption status (cryptid) of loaded Mach-O binaries at runtime. Uses Frida to enumerate all loaded modules and read their cryptid field. Args: target: Bundle ID of the target app device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| decrypt_ipaA | Decrypt FairPlay DRM from an iOS app using frida-ios-dump. Dumps decrypted IPA from a running/installed app on a tethered iOS device. Requires frida-ios-dump to be installed. Args: bundle_id: Bundle identifier of the target app output_dir: Output directory for decrypted IPA (default: /tmp/ios_decrypted) device_type: Device type: 'usb', 'local', or 'remote' (default: 'usb') device_id: Specific device ID (optional) |
| check_encryptionB | Check if an app is encrypted (FairPlay DRM) by reading cryptid at runtime. Attaches to the running app and reads the cryptid field from Mach-O headers of all loaded modules. Args: bundle_id: Bundle identifier of the target app |
| resign_checkA | Check signing environment: available tools and code signing identities. Returns signing method (ldid/codesign/none), available certs, and readiness. |
| resign_ipa_toolB | Resign an iOS IPA or .app bundle with new identity and metadata. Handles the full resigning workflow:
Args: input_path: Path to .ipa or .app bundle to resign output_path: Output path for resigned IPA (default: _resigned.ipa) signing_cert: Code signing identity name/SHA1 (for codesign), or None for ldid provisioning_profile: Path to .mobileprovision file to embed new_bundle_id: New bundle identifier (e.g. com.example.resigned) new_display_name: New display name for the app new_version: New version string (CFBundleShortVersionString) new_build: New build number (CFBundleVersion) |
| fix_app_iconsC | Verify icon references in Info.plist match actual files in .app bundle. Args: app_dir: Path to .app bundle |
| full_analysisA | Run a comprehensive analysis pipeline on an iOS target. Supports three levels:
Args: target: Path to IPA file, Mach-O binary, or bundle ID for dynamic analysis level: Analysis level: 'basic', 'static', or 'dynamic' (default: 'static') output_dir: Output directory for analysis artifacts (default: /tmp/re_ios_analysis) |
| trollstore_guideA | Get the recommended workflow for combining TrollStore (on-device) with re-ios (desktop). TrollStore on iPhone handles decryption and installation; re-ios on Mac handles deep static analysis, IAP/network hook templates, and resigning. Returns the step-by-step workflow reference. |
| run_skill_pipelineA | Run the full original SKILL.md static analysis pipeline (bash scripts). Executes the shell-based analysis pipeline from the ios-reverse-engineering skill: unpack → fingerprint → macho analyze → class scan → api scan → report. All results are written to output_dir. Args: target: Path to IPA file, .app bundle, or Mach-O binary output_dir: Output directory (default: ios_analysis_out) |
| generate_analysis_reportB | Generate a human-readable analysis report from an IPA or analysis directory. Args: path: Path to IPA file or Mach-O binary analysis_dir: Optional path to analysis directory (for endpoint scanning) |
| scan_endpointsB | Scan an analysis directory for hardcoded URLs, domains, and API paths. Recursively scans text files for network endpoint clues. Args: analysis_dir: Path to the analysis directory |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/gyh20062008-commits/re-ios'
If you have feedback or need assistance with the MCP directory API, please join our Discord server