Advanced

This page will explain the different features of the Advanced tab.

Under the Advanced tab, the user has the option to launch a Linux shell, a remote ADB shell (Android) or Cycript shell (iOS) in order to run additional code analysis on the application. You can also run an additional Network Capture in the Advanced tab.

If any items of interest are displayed within the shell, the user can select the specific text, then select Copy, and then Output using the buttons at the top of the window to then create an output in your project.

Any output created under the “Shell” tab will be placed within the “Code” folder in the workspace on the left.

Linux Shell

NowSecure Lab allows you to quickly run any linux command and command-line applications on the Santoku Operating System by using the Linux Shell.

Linux Shell

The shell will automatically starts in the assessment directory where all of the NowSecure Lab artifacts for that specific assessment are stored.

Device Console Shell

Depending on the platform tested, the user has the option to launch a remote adb shell (Android) or Cycript shell (iOS) in order to run additional code analysis on the application.

Make sure the application you are testing is running in the foreground on your iOS device before launching the Cycript shell.

Device Console Shell

Any output created under the “Shell” tab will be placed within the “Code” folder in the workspace on the left.

Did you know? On iOS, you have access to a Cycript shell by default. But if you press Ctrl + D inside that shell, you will also have full access to your iPhone filesystem.

Network Capture (PCAP)

The analyst is also able to initiate a packet capture using the “PCAP” tab at any time during the analysis without having to return to the Setup tab and repeat the data population process.

Upon completion of the PCAP capture in this tab, a “.pcap” file will be created within the “Network > Artifacts” folder in the workspace on the left.