Youtube video- https://youtu.be/UUlRE52gdwQ?si=0sWMOi35JoyzSeza
Advanced Python tool for extracting Protocol Buffer (protobuf) schemas, message definitions, and API structures from iOS IPA applications.
Perfect for reverse engineering, security research, API analysis, and mobile app development research.
- ✅ Extract .proto files from iOS app bundles
- ✅ Analyze compiled protobuf files (.pb format)
- ✅ Advanced binary string analysis for protobuf patterns
- ✅ Automatic .proto file reconstruction with message definitions
- ✅ Framework and library analysis for embedded protobufs
- ✅ Protobuf descriptor search and extraction
- ✅ Support for all iOS applications using Protocol Buffers
- ✅ Comprehensive reporting with detailed analysis results
- ✅ Multi-format output (JSON, text, reconstructed .proto files)
- Python 3.6 or higher
- Required Python packages (install automatically)
# Clone the repository
git clone https://github.com/riyadmondol2006/iOS-Protobuf-Extractor.git
cd iOS-Protobuf-Extractor
# Install dependencies
pip3 install -r requirements.txt
# Make executable
chmod +x ios_protobuf_extractor.py# Install required packages manually
pip3 install zipfile36 pathlib# Extract from IPA file to current directory
python3 ios_protobuf_extractor.py app.ipa
# Extract to specific output directory
python3 ios_protobuf_extractor.py app.ipa ./output_folder/
# Show help
python3 ios_protobuf_extractor.py --help# Verbose mode with detailed logging
python3 ios_protobuf_extractor.py -v app.ipa ./results/
# Extract only specific analysis types
python3 ios_protobuf_extractor.py --strings-only app.ipa
# Custom output format
python3 ios_protobuf_extractor.py --format json app.ipaThe tool employs multiple extraction techniques:
- Scans for
.protofiles within the IPA bundle - Extracts human-readable protobuf definitions
- Identifies
.pbfiles (compiled protobuf) - Attempts to decompile back to .proto format
- Searches binary files for protobuf-related strings
- Identifies message names, field names, and service definitions
- Reconstructs potential API structures
- Scans embedded frameworks for protobuf usage
- Analyzes dynamic libraries and frameworks
- Locates protobuf descriptor signatures in binaries
- Extracts compiled message descriptors
output_folder/
├── README.txt # Analysis summary
├── extraction_summary.json # Detailed results in JSON
├── proto_files/ # Direct .proto files found
├── compiled_protobufs/ # Compiled .pb files
├── binary_analysis/ # Binary analysis results
│ └── descriptor_*.desc # Extracted descriptors
└── strings_analysis/ # String analysis results
├── protobuf_strings.txt # All protobuf-related strings
└── reconstructed_proto.proto # Reconstructed protobuf definitions
# Analyze popular apps for API structures
python3 ios_protobuf_extractor.py instagram.ipa ./instagram_analysis/
python3 ios_protobuf_extractor.py whatsapp.ipa ./whatsapp_analysis/# Extract API definitions for integration
python3 ios_protobuf_extractor.py banking_app.ipa ./api_analysis/# Study protobuf implementation patterns
python3 ios_protobuf_extractor.py various_apps.ipa ./research/IPA Protobuf Extraction Report
========================================
IPA File: TikTok.ipa
Output Directory: tiktok_analysis
Total Files Found: 127
Results by Method:
--------------------
direct_proto_files: 12 files
compiled_protobuf_files: 8 files
strings_analysis: 45 message types found
framework_analysis: 3 frameworks analyzed
descriptor_search: 15 descriptors extracted
Key Findings:
- User profile management API
- Video upload/streaming protocols
- Chat and messaging system
- Content recommendation engine
- Authentication and security protocols
- API vulnerability assessment
- Protocol analysis for security flaws
- Authentication mechanism research
- Understanding app architecture
- API integration research
- Performance optimization studies
- App functionality analysis
- Feature implementation study
- Competitive analysis
- Mobile protocol analysis
- App behavior studies
- Security research projects
This tool is intended for:
- ✅ Educational purposes
- ✅ Security research on apps you own
- ✅ Academic research
- ✅ Legitimate reverse engineering
Always ensure you have proper authorization before analyzing applications.
Issue: "No protobuf data found"
# Try with verbose mode to see detailed analysis
python3 ios_protobuf_extractor.py -v app.ipaIssue: "Invalid IPA file"
# Verify IPA file integrity
unzip -t app.ipaIssue: "Permission denied"
# Fix file permissions
chmod +x ios_protobuf_extractor.pyIf you encounter issues:
- Check the verbose output with
-vflag - Verify Python version (3.6+ required)
- Ensure all dependencies are installed
- Contact support (details below)
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Submit a pull request
git clone https://github.com/riyadmondol2006/iOS-Protobuf-Extractor.git
cd iOS-Protobuf-Extractor
pip3 install -r requirements.txtMIT License - see LICENSE file for details.
Riyad Mondol - iOS Security Researcher & Reverse Engineer
For inquiries, support, or project quotes:
- Email: riyadmondol2006@gmail.com
- YouTube: Reversesio
- Blog: reversesio.com
- Project Quotes: reversesio.shop
- Telegram: @riyadmondol2006
I'm available for custom reverse engineering projects and consultations:
- 📱 iOS app analysis and reverse engineering
- 🔐 Mobile security assessments
- 🛠️ Custom tool development
- 📊 API analysis and documentation
- 🎓 Training and workshops
Feel free to reach out for any project opportunities!
If this tool helped you, please:
- ⭐ Star this repository
- 🐛 Report bugs or request features
- 📢 Share with the community
- 💬 Follow me on social media
Happy Reverse Engineering! 🕵️♂️