tek
28d57e7178
Squashed commit of the following: commit c0d9e8d5d188c13e7e5ec0612e99bfb7e25f47d4 Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org> Date: Fri Jan 7 16:05:12 2022 +0100 Update name of indicators JSON file commit f719e49c5f942cef64931ecf422b6a6e7b8c9f17 Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org> Date: Fri Jan 7 15:38:03 2022 +0100 Do not set indicators option on module if no indicators were loaded commit a289eb8de936f7d74c6c787cbb8daf5c5bec015c Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org> Date: Fri Jan 7 14:43:00 2022 +0100 Simplify code for loading IoCs commit 0804563415ee80d76c13d3b38ffe639fa14caa14 Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org> Date: Fri Jan 7 13:43:47 2022 +0100 Add metadata to IoC entries commit 97d0e893c1a0736c4931363ff40f09a030b90cf6 Author: tek <tek@randhome.io> Date: Fri Dec 17 16:43:09 2021 +0100 Implements automated loading of indicators commit c381e14df92ae4d7d846a1c97bcf6639cc526082 Author: tek <tek@randhome.io> Date: Fri Dec 17 12:41:15 2021 +0100 Improves download-indicators commit b938e02ddfd0b916fd883f510b467491a4a84e5f Author: tek <tek@randhome.io> Date: Fri Dec 17 01:44:26 2021 +0100 Adds download-indicators for mvt-ios and mvt-android
Mobile Verification Toolkit
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices.
It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence.
Warning: MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. This is not intended for end-user self-assessment. If you are concerned with the security of your device please seek expert assistance.
Installation
MVT can be installed from sources or from PyPi (you will need some dependencies, check the documentation):
pip3 install mvt
Alternatively, you can decide to run MVT and all relevant tools through a Docker container.
Please note: MVT is best run on Linux or Mac systems. It does not currently support running natively on Windows.
Usage
MVT provides two commands mvt-ios and mvt-android. Check out the documentation to learn how to use them!
License
The purpose of MVT is to facilitate the consensual forensic analysis of devices of those who might be targets of sophisticated mobile spyware attacks, especially members of civil society and marginalized communities. We do not want MVT to enable privacy violations of non-consenting individuals. In order to achieve this, MVT is released under its own license. Read more here.