{"id":13681254,"url":"https://github.com/stopipv/isdi","last_synced_at":"2025-04-30T03:31:06.628Z","repository":{"id":33639965,"uuid":"160253601","full_name":"stopipv/isdi","owner":"stopipv","description":"ISDi (IPV Spyware Discovery) tool for Android and iOS.","archived":false,"fork":false,"pushed_at":"2025-03-10T05:18:36.000Z","size":54761,"stargazers_count":188,"open_issues_count":7,"forks_count":45,"subscribers_count":24,"default_branch":"main","last_synced_at":"2025-03-10T05:31:24.747Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stopipv.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-12-03T21:05:06.000Z","updated_at":"2025-03-10T05:18:39.000Z","dependencies_parsed_at":"2024-01-14T15:25:41.310Z","dependency_job_id":"fb182994-d06e-4560-af35-7e3d63ee12b6","html_url":"https://github.com/stopipv/isdi","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stopipv%2Fisdi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stopipv%2Fisdi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stopipv%2Fisdi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stopipv%2Fisdi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stopipv","download_url":"https://codeload.github.com/stopipv/isdi/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251635097,"owners_count":21619144,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T13:01:28.353Z","updated_at":"2025-04-30T03:31:01.620Z","avatar_url":"https://github.com/stopipv.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# IPV Spyware Discovery (ISDi) Tool\n\nChecks Android or iOS devices for apps used to surveil or track victims\n(\"stalkerware\", \"spouseware\", \"spyware\"). ISDi's technical details are included\nin [\"Clinical Computer Security for Victims of Intimate Partner Violence\"\n(USENIX 2019)](https://www.usenix.org/conference/usenixsecurity19/presentation/havron). The blacklist is based\non apps crawled in [\"The Spyware Used in Intimate Partner Violence\" (IEEE S\u0026P 2018)](https://www.computer.org/csdl/pds/api/csdl/proceedings/download-article/12OmNxWuiny/pdf).\n\n[![ISDI_Linter](https://github.com/stopipv/isdi/actions/workflows/super-linter.yml/badge.svg)](https://github.com/stopipv/isdi/actions/workflows/super-linter.yml)\n[![Sync with IOC stalkerware indicators](https://github.com/stopipv/isdi/actions/workflows/get-stalkerware-indicators.yml/badge.svg)](https://github.com/stopipv/isdi/actions/workflows/get-stalkerware-indicators.yml)\n\n## Contribution Guidelines\nFor more information about contributing to ISDi, see the [contribution guidelines](contribution.md).\n\n\n## Contribution Guidelines\nFor more information about contributing to ISDi, see the [contribution guidelines](contribution.md).\n\n## Installing ISDi :computer:\n\nRight now, ISDi currently only natively supports **macOS and Linux**. If you are using a Windows device, you can use the Windows Subsystem for Linux 2\n(WSL2), which can be installed by following [these instructions](https://docs.microsoft.com/en-us/windows/wsl/wsl2-install). After this,\nfollow the remaining instructions as a Linux user would, cloning/running \nISDi inside the Linux container of your choice. \n\n### Python dependencies\n- You will need Python 3.6 or higher (check by running `python3` in your\nTerminal and see what happens).  On macOS, you can get this by running the\nfollowing commands in your Terminal application: `xcode-select --install`\n(installs developer tools); followed by `/usr/bin/ruby -e \"$(curl -fsSL\nhttps://raw.githubusercontent.com/Homebrew/install/master/install)\"` to get\nBrew (a software package manager); finally, `brew install python` to get Python\n3.6+.\n\n- Run `pip3 install -r\nrequirements.txt` in the base directory of this repository to get the required\nPython modules.\n\n### Operating system dependencies\n\n#### Generic\n* [adb](https://developer.android.com/studio/releases/platform-tools.html)\n* expect\n* libimobiledevice\n* ideviceinstaller\n* ifuse\n\n#### macOS\nOn macOS you can quickly install project dependencies with Homebrew by running `brew bundle`.\n\nYou can also fulfill the requirements by doing:\n```\nbrew install --cask android-platform-tools\n```\n```\nbrew install expect libimobiledevice ideviceinstaller\n```\n\n#### Debian family\n\n```\nsudo apt install adb expect libimobiledevice-utils ideviceinstaller ifuse\n```\n\n#### Windows Subsystem Linux (v2)\nInstalling **adb** is not so straightforward in WSL2, and\nit won't work straightaway. You have to ensure having the *same* version of adb\n*both* in WSL2 and in normal Windows (with `adb version`), then you will need to\nstart the adb process first in Windows, then in WSL2 (with for example `adb\ndevices`).\n\n## Running ISDi\n\nAfter ISDi is installed, with an Android or iOS\ndevice plugged in and unlocked, run the following command in the terminal (in\nthe base directory of this repository)\n\n```$ ./isdi ```\n\nISDi defaults to normal (non-debug) mode. To run ISDi in `test` mode, set the `TEST` flag to 1: \n\n```$ TEST=1 ./isdi```\n\n\nThen navigate to `http://localhost:6200` in the browser of your choice (or `http://localhost:6202` if\nin test mode). You will see ISDi running as a web app. Click on `\"Scan Instructions\"` and follow \nthe instructions to prepare your device for the scan.\n\nIt should look something like this:\n\n![Phone Scanner UI before scan](webstatic/ISDi_before_scan.png \"Phone Scanner\nUI before scan\")\n\nConnect a device and click on the suitable button `Android` or `iOS`. Give it a\nnickname and click \"Scan now\". (**Please connect one device at a time.**) It\nwill take a few seconds for the scan to complete. We are working to have all\nscan results done at once on Android, but for the time being please leave the\ndevice plugged in when clicking on apps on the scan results table.\n\nAfter the scan, the UI will look something like this:\n\n![Phone Scanner UI after scan](webstatic/ISDi_after_scan.png \"Phone Scanner\nUI\")\n\n## Consultation form data \nISDi is intended to be used by advocates for victims of intimate partner violence in \na [clinical setting](http://www.nixdell.com/papers/2019-usenix_clinical_security_FULL.pdf); \nyou can add detailed notes about a victim's tech abuse situation \nby clicking `\"Start Consult Form\"` on ISDi's homepage. The results\nwill be saved in `data/fieldstudy.db` and can be viewed/edited\nby navigating to `/form/edit`.\n\nSome consult form data may not be relevant for use in\nother organizations (e.g., the meeting location being \nin a borough of New York City). Please consider adapting the form \nfor your needs. One can do this by modifying the `Client` class in \n`isdi` and use `sa.create_all()` (`sa` is obtained by wrapping SQLAlchemy over \nthe Flask app) to obtain the new\nschema. Then place the new schema in `schema.sql` by updating the `clients_notes` table.\n\n## Debugging tips \nIf you encounter errors, please file a [GitHub issue](../../issues/) with the server error output. \nPull requests are welcome. \n\n#### Android tips \nIn the terminal of the computer, run `adb devices` to see if\nthe device is connected properly.\n\n\n#### iOS tips \nIn the terminal of the computer (in the base directory of this repository), \nrun `./static_data/libimobiledevice-darwin/idevice_id -l` to see if\nthe device is connected properly (replace `darwin` with `linux` if your system is Linux.)\n\n#### Cast iOS Screens or Mirror Android Screens \nIt is possible to view your\ndevice screen(s) in real time on the macOS computer in a new window. This may\nbe useful to have while you are running the scan (and especially if you use the\nprivacy checkup feature), as it will be easy for you to see the mobile device\nscreen(s) in real time on the Mac side-by-side with the scanner.\n\n**How to do it:** \nYou can mirror Android device screens in a new window using\n[scrcpy](https://github.com/Genymobile/scrcpy), and cast iOS device screens on\nmacOS with QuickTime 10 (launch it and click File --\u003e New Movie Recording --\u003e\n(on dropdown by red button) the iPhone/iPad name).\n\n## Downloaded data ## \nThe data downloaded and stored in the study are the\nfollowing.  1. A `sqlite` database containing the feedback and actions taken by\nthe user.  2. `phone_dump/` folder will have dump of some services in the\nphone.  (For Android I have figured out what are these, for iOS I don't know\nhow to get those information.)\n\n##### Android \nThe services that we can dump safely using `dumpsys` are the\nfollowing.\n* Application static details: `package` Sensor and configuration info:\n* `location`, `media.camera`, `netpolicy`, `mount` Resource information:\n* `cpuinfo`, `dbinfo`, `meminfo` Resource consumption: `procstats`,\n* `batterystats`, `netstats`, `usagestats` App running information: `activity`,\n* `appops`\n\nSee details about the services in [notes.md](notes.md)\n\n##### iOS \nOnly the `appIds`, and their names. Also, I got \"permissions\" granted\nto the application. I don't know how to get install date, resource usage, etc.\n(Any help will be greatly welcomed.)\n\n\n## Code structure  \n* `phone_scanner.py` has all the logic required to communicate with Android and\n  iOS devices.\n* `parse_dump.py` has all of the logic required to extract dumped info from the\n devices. After the initial scan, the server will rely on this parser rather\n than needing an active connection to the device (work in progress). For now,\n please keep your device plugged in when looking at scan results.  \n* `isdi` is the Flask web server and the application's main entry point.\n* `templates/` folder contains the html templates rendering in the UI \n* `webstatic/` folder contains the `.css` and `.js` files\n* `phone_dumps/` folder will contain the data recorded from the phone (as well as in \n`data/fieldstudy.db`.\n\n\n\n## TODO 1.\nhttps://docs.google.com/document/d/1fy6RTo9Gc0rBUBHAhKfSmqI99PSPCBsAdEUIbpGIkzQ/edit\n2. ~How to figure out off-store apps in Android and iOS? Check the installer in\n`adb shell pm packages -i`~ 3. For iOS, how to find out app installation dates,\nresource usage, etc?  4. Explore viability of\n[WebUSB](https://github.com/WICG/webusb) and\n[WebADB](https://github.com/webadb/webadb.js).\n\nSee [notes.md](notes.md) for other developer helps.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstopipv%2Fisdi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstopipv%2Fisdi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstopipv%2Fisdi/lists"}