Mobile Forensics
Mobile Forensics
Mobile Forensics
  • Introduction
  • Preparations
    • Knowledge
    • Safety
    • Trust
    • Backup
  • Methodology
  • Checking Windows Computers
    • Review Programs Launching at Startup
    • Review Running Processes
    • Review Network Connections
    • Extract Data for Further Analysis
  • Checking Mac Computers
    • Review Programs Launching at Startup
    • Review Running Processes
    • Review Kernel Extensions
    • Review Network Connections
    • Review XProtect Logs
    • Extract Data for Further Analysis
  • Checking Smartphones
    • Note: curriculum
    • Smartphone System Architecture
    • Check Devices Linked to Chat Applications
    • Check for Suspicious Messages
    • Monitor Network Traffic
    • Note: Monitoring Network Traffic on Linux
  • Checking Android Devices Basic
    • Review Installed Applications
    • Check Storage
    • Check if the Phone is under Android Device Policy
    • Check if the Phone is Rooted
    • Check if Developer Options is Enabled
    • Analyze Applications
    • Extract Data for Further Analysis
    • Optional : Check for Indicators of Stalkerware Installation
  • Checking Android Devices Advanced
    • Wireshark
    • MVT
    • Other Tools
  • Checking iOS Devices
    • Review iCloud Accounts
    • Review Installed Applications
    • Check for Mobile Device Management Profiles
    • Check for Shortcuts
    • Check for Jailbreaks
    • Enable and Check App Privacy Report
    • Extract Data for Further Analysis
    • Analyzing Extracted Data
    • About Lockdown Mode
  • Checking Devices Remotely
    • Mac Computers
    • Android
  • Concluding a Forensic Gathering
  • References and Further Learning
  • License and Credits
Powered by GitBook
On this page
  • App Store
  • Enterprise Apps
  • Sideloaded Apps
  1. Checking iOS Devices

Review Installed Applications

PreviousReview iCloud AccountsNextCheck for Mobile Device Management Profiles

Last updated 1 year ago

App Store

App Store is the only mass-market source of apps on iOS. Apps published on the App Store have been reviewed by Apple, thus can be seen as relatively safe. However, it is possible for malwares to slip by Apple's checks.

Malicious apps that take full control of the device are rare on the App Store, but there are apps that trick users into entering their personal information or subscribe to expensive services.

Organizations can distribute their internal apps outside of the App Store, but they must register with Apple. These apps are not reviewed by Apple and could contain malware. There are tools such as that utilize this feature to allow installation of cracked apps.

Check enterprise apps by going to Settings > General > Profiles or Profiles & Device Management, and look under the "Enterprise App" heading. Make sure no unknown enterprise apps are installed.

Sideloaded Apps

It is possible to use iOS's personal developer certificate to sign unverified apps so that they could be installed. Tools such as , , and makes this process easier. To check for sideloaded apps, go to Settings > General > Profiles or Profiles & Device Management.

Enterprise Apps
Rickpactor
Sideloadly
Azule
Altstore