Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/paradiseduo/tiktok

Tiktok是一个AST扫描器，用于发现敏感函数调用链，方便通过静态扫描的方式提前做隐私合规水位预警
https://github.com/paradiseduo/tiktok

ast china chinese ios llvm scan scanner xcode

Last synced: 21 days ago
JSON representation

Tiktok是一个AST扫描器，用于发现敏感函数调用链，方便通过静态扫描的方式提前做隐私合规水位预警

Host: GitHub
URL: https://github.com/paradiseduo/tiktok
Owner: paradiseduo
Created: 2023-10-08T08:38:06.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2023-10-09T02:04:13.000Z (over 1 year ago)
Last Synced: 2024-11-14T19:45:38.559Z (3 months ago)
Topics: ast, china, chinese, ios, llvm, scan, scanner, xcode
Language: Swift
Homepage:
Size: 15.6 KB
Stars: 2
Watchers: 1
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Tiktok
Tiktok是一个AST扫描器，用于发现敏感函数调用链，方便通过静态扫描的方式提前做隐私合规水位预警

## 使用方法
**首先使用源码编译你要扫描的项目，拿到IndexDB的路径，这是一切工作的起点，没有源码的编译产物是无法进行扫描的**

```bash
❯ ./Tiktok -h at 16:45:14
OVERVIEW: Tiktok v1.0.0

tiktok is a tool which scan indexDB AST to find api which one used.

USAGE: tiktok

ARGUMENTS:
The indexDB path for Tiktok.
The api json file path for Tiktok.
The output path for Tiktok.

OPTIONS:
--version Show the version.
-h, --help Show help information.
```

## 举个例子
我有一个叫Tiktok的APP，通过源码编译之后，通过Xcode的“show build folder in finder”功能找到编译产物所在的路径，继而找到IndexDB的路径“/Users/admin/Library/Developer/Xcode/DerivedData/Tiktok-cmoxrmqwmupadmaqlqrwfmiorwxi/Index.noindex/DataStore”

```bash
❯ ./Tiktok IndexDB的路径需要扫描的api(JSON文件，对格式有要求) 结果输出目录
❯ ./Tiktok /Users/admin/Library/Developer/Xcode/DerivedData/Tiktok-cmoxrmqwmupadmaqlqrwfmiorwxi/Index.noindex/DataStore /Users/admin/Desktop/Tiktok/apis.json /Users/admin/Desktop/tiktok_out
```

## 特别感谢

https://github.com/apple/indexstore-db

https://github.com/apple/swift-argument-parser