{"id":13843528,"url":"https://github.com/seemoo-lab/apple-continuity-tools","last_synced_at":"2026-02-10T02:31:49.486Z","repository":{"id":73817936,"uuid":"267555888","full_name":"seemoo-lab/apple-continuity-tools","owner":"seemoo-lab","description":"Reverse engineering toolkit for Apple's wireless ecosystem","archived":false,"fork":false,"pushed_at":"2021-04-12T10:11:38.000Z","size":27,"stargazers_count":71,"open_issues_count":0,"forks_count":4,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-07-18T10:08:18.907Z","etag":null,"topics":["apple","frida","ios","macos","reverse-engineering"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/seemoo-lab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2020-05-28T10:05:33.000Z","updated_at":"2025-07-17T14:41:04.000Z","dependencies_parsed_at":null,"dependency_job_id":"8d13adcf-662b-4c60-88cf-2d8110caf12d","html_url":"https://github.com/seemoo-lab/apple-continuity-tools","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/seemoo-lab/apple-continuity-tools","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fapple-continuity-tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fapple-continuity-tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fapple-continuity-tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fapple-continuity-tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/seemoo-lab","download_url":"https://codeload.github.com/seemoo-lab/apple-continuity-tools/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seemoo-lab%2Fapple-continuity-tools/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270946068,"owners_count":24672890,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-18T02:00:08.743Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apple","frida","ios","macos","reverse-engineering"],"created_at":"2024-08-04T17:02:11.903Z","updated_at":"2026-02-10T02:31:49.430Z","avatar_url":"https://github.com/seemoo-lab.png","language":"JavaScript","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"readme":"# Apple Continuity Reverse Engineering Toolkit\n\nThis reverse engineering toolkit for macOS was used by [the Open Wireless Link Project](https://owlink.org) to analyze several services in Apple's wireless ecosystem such as [AirDrop](https://github.com/seemoo-lab/opendrop), [Wi-Fi Password Sharing](https://github.com/seemoo-lab/openwifipass), Handoff, and Offline Finding.\n\n## Requirements\n\n### Module Dependencies\n\nThe toolkit uses both Python and Node.js modules. To use them, first create a virtual Python environment and then install all dependencies (Python and Node.js) by running:\n\n```\nmake venv\nsource venv/bin/activate\nmake install\n```\n\nTo uninstall, simply delete the repository folder.\n\n### Disabled System Integrity Protection\n\nSome of the tools require you to (partly) disable macOS' System Integrity Protection (SIP). [**Please be aware of the security implications.**](https://en.wikipedia.org/wiki/System_Integrity_Protection) We indicate this requirement in the table below.\nTo (partly) disable SIP, boot into recovery mode by restarting macOS and holding ⌘+R. In recovery mode, open the terminal, enter one of the following commands, and reboot macOS.\n\n```bash\n# Disable only certain SIP features ...\ncsrutil enable --without \u003cFEATURE\u003e\n# ... or fully disable SIP\ncsrutil disable\n```\n\nTo restore full SIP later, reboot in macOS' recovery mode again (⌘+R) and run\n\n```bash\ncsrutil enable\n```\n\n## Tools\n\nWe provide a brief overview of the included tools. Please read the respective `README.md` in the subfolders for more information.\n\n| Tool                                         | Description                                                   |    Disable SIP features    |\n| -------------------------------------------- | ------------------------------------------------------------- | :------------------------: |\n| [`process_recon`](process_recon)             | scan system logs find processes involved in a certain service |             —              |\n| [`keychain_access`](keychain_access)         | monitor process access to any keychain items and export them  | all (for system processes) |\n| [`continuity_messages`](continuity_messages) | record _Continuity_ messages of the `rapportd` daemon         |        `debugging`         |\n\n## Authors\n\n- Alexander Heinrich\n- Milan Stute\n\n## Related Publications\n\n- Milan Stute, Alexander Heinrich, Jannik Lorenz, and Matthias Hollick. **Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi.** _30th USENIX Security Symposium (USENIX Security ’21)_, August 11–13, 2021, Vancouver, B.C., Canada. [Link](https://www.usenix.org/conference/usenixsecurity21/presentation/stute)\n- Milan Stute. **Availability by Design: Practical Denial-of-Service-Resilient Distributed Wireless Networks.** Dissertation, _Technical University of Darmstadt_, February 14, 2020. [doi:10.25534/tuprints-00011457](https://doi.org/10.25534/tuprints-00011457)\n- Milan Stute, Sashank Narain, Alex Mariotto, Alexander Heinrich, David Kreitschmann, Guevara Noubir, and Matthias Hollick. **A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link.** _28th USENIX Security Symposium (USENIX Security ’19)_, August 14–16, 2019, Santa Clara, CA, USA. [Link](https://www.usenix.org/conference/usenixsecurity19/presentation/stute)\n\n## License\n\nThis toolkit is licensed under the [**GNU General Public License v3.0**](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseemoo-lab%2Fapple-continuity-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fseemoo-lab%2Fapple-continuity-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseemoo-lab%2Fapple-continuity-tools/lists"}