Hackers can use easily available tools to disassemble and inspect your iOS applications and SDKs to gain insight into their internal logic. This leaves apps vulnerable to various forms of abuse, including intellectual property theft, cloning, credential harvesting, API key extraction and code tampering.
iXGuard
iXGuard
Cutting-edge protection for your iOS apps
iXGuard has been designed to protect native (Objective-C, Swift) and cross-platform (Unity, Cordova, Ionic, React Native, etc.) apps and SDKs for iOS against reverse engineering and tampering. iXGuard applies multiple obfuscation and encryption techniques to the code of applications and SDKs and integrates runtime self-protection mechanisms (RASP). The applied layers of protection make it virtually impossible to gain access to their internal logic and to modify their intended behavior.
Secure development made easy
- iXGuard processes your project as a whole, including libraries and extensions. This enables stronger and more extensive hardening.
- iXGuard does not require any changes to the source code of your applications or SDKs.
- iXGuard has no impact on your development process. It functions as a stand-alone solution that processes your compiled applications. iXGuard is easy to configure. It can be set up to protect entire applications or specific functions with a single configuration file.
- iXGuard provides an In-App Assistant that automatically generates configuration for your application.
Requirements
- Recent version of Xcode
- Bitcode-enabled archive build
iXGuard protects your iOS apps and SDKs against static analysis using multiple code hardening techniques
Name obfuscation
iXGuard obfuscates identifiers in both Swift and Objective-C code to hide semantic information from reverse engineers. Most common reflection constructs are supported out of the box.
Control flow obfuscation
iXGuard hides the original function logic to better shield your applications and SDKs against automated and manual code analysis.
Arithmetic obfuscation
iXGuard transforms arithmetic statements into more complex but equivalent alternatives to conceal the original computation. The outcome of the transformations is different in every single build.
Call hiding
iXGuard hides function call targets to prevent identification of vulnerabilities in the application’s code.
Data encryption
iXGuard encrypts strings (encryption keys, API endpoints, tokens, etc.) as well as resource and asset files to prevent sensitive data from leaking.
iXGuard shields your iOS applications and SDKs against dynamic analysis and live attacks using various runtime self-protection mechanisms (RASP)
Jailbreak detection
iXGuard lets you determine how your application should react when it is executed on a jailbroken device.
Debugger detection
iXGuard integrates environment integrity checks that detect the use of debugging tools into your application or SDK.
Repackaging detection
iXGuard makes sure your application has not been repackaged by a third party by performing signature-based checks and by comparing additional fields of the binary with the observed state at compile time.
Code tracing detection
iXGuard detects and prevents code tracing attempts with dynamic binary instrumentation tools.
Hook detection
iXGuard enables your application to detect and prevent attempts by hooking frameworks (i.e. Frida, Cydia Substrate and fishhook) to modify its behavior
Gais Security
Gais Cyber Security Technologies is on your side with its expert team. Call us for detailed information.