Tag: static dataflow analysis

AegiScan Aegi(s)Scan(er) is a static dataflow analysis framework for iOS application binaries, which can be used to facilitate vulnerability scanning. Design AegiScan utilizes top-down type propagation to resolve Objective-C MsgSend calls, thereby reconstructing the call graph. It then generates the Code Property Graph (CPG) for each function to establish context-sensitive dataflow. Leveraging the call graph, AegiScan…