A Production-Grade iOS Decompiler & Reverse Engineering Suite
Deep Mach-O analysis, ARM64/x86_64 disassembly, control flow graphs, and advanced reverse engineering tools β all native on iOS.
Features β’ Installation β’ Usage β’ Architecture β’ Contributing
ReDyne is a sophisticated, native iOS application for reverse engineering and analyzing Mach-O binaries (dylibs, frameworks, executables). Built from the ground up with production-grade C/Objective-C/Swift, it brings desktop-class decompilation capabilities to iOS devices.
- π Production-Grade: Fully functional decompiler with enterprise-level code quality
- π± Native iOS: Optimized for iOS with a beautiful, intuitive interface
- β‘ High Performance: C-based parsing engines for blazing-fast analysis
- π Comprehensive: 11+ analysis modules covering every aspect of Mach-O binaries
- π¨ Modern UI: Clean, adaptive interface with Dark Mode support
- π Visual Analysis: Interactive control flow graphs with zoom and pan
- π Secure: Security-scoped bookmarks for persistent file access
- Universal Binary Support: Automatic fat/thin binary detection
- Multi-Architecture: ARM64, ARM64e, x86_64 support
- Architecture Selection: Pick specific slice from universal binaries
- Magic Number Detection: Comprehensive format validation
- Load Commands: Complete parsing of all LC_* commands
- Segments & Sections: Detailed segment/section analysis with flags
- ARM64 Disassembler: Production-grade decoder with 100+ instruction types
- Data Processing (ADD, SUB, MOV, MOVZ, MOVN, MOVK)
- Load/Store (LDR, STR, LDP, STP, LDUR, STUR)
- Branches (B, BL, BR, BLR, RET, B.cond, CBZ, CBNZ, TBZ, TBNZ)
- Logical Operations (AND, ORR, EOR, BIC, ORN, EON)
- Multiply/Divide (MUL, MADD, MSUB, UDIV, SDIV)
- Compare (CMP, CMN, TST, CCMP)
- Shifts (LSL, LSR, ASR, ROR)
- SIMD/FP Operations
- System Instructions (MSR, MRS, NOP, WFE, WFI, barriers)
- x86_64 Disassembler: Full support with ModR/M, SIB, REX prefixes
- Register Tracking: Reads/writes analysis for data flow
- Branch Detection: Automatic identification of control flow changes
- Call Graphs: 586+ calls detected per binary
- Jump Analysis: 277+ jumps/branches tracked
- Data References: Symbol and address resolution
- Symbolic Execution: ADRP+ADD pattern recognition
- Page-Aligned Addresses: Proper ARM64 address computation
- Hierarchical Layout: BFS-based level assignment
- Basic Block Analysis: Automatic BB detection and splitting
- Edge Classification: True/false branches, loop-backs, calls, returns
- Dominance Analysis: Proper loop detection with back-edge identification
- Interactive Visualization: Pinch-to-zoom (0.05x-3.0x), pan, auto-fit
- Dynamic Sizing: Handles 1-158+ nodes without clipping
- Color-Coded: Entry (blue), exit (red), conditional (orange)
- Symbol Table Parsing: Complete nlist/nlist_64 support
- Symbol Types: Functions, objects, sections, undefined
- Dynamic Symbols: Import/export detection
- Name Demangling: Swift/C++ symbol demangling
- Address Resolution: Virtual-to-file offset mapping
- Class Extraction: Parse
__objc_classlistsections - Method Discovery: Instance and class methods
- Property Analysis: @property declarations
- Instance Variables: ivar layouts
- Categories: Category parsing with methods/properties
- Protocols: Protocol conformance detection
- Dyld Bind Info: All 12 bind opcodes (DONE, SET_, DO_BIND_)
- Dyld Rebase Info: All 9 rebase opcodes
- Export Trie: Recursive traversal with ULEB128 decoding
- Weak Imports: Weak binding detection
- Lazy Bindings: Lazy symbol resolution tracking
- Library Dependencies: Full dylib dependency tree
- SuperBlob Parsing: Proper blob index structure parsing
- CodeDirectory: CDHash, Team ID, Signing ID extraction
- Entitlements: XML entitlement parsing and formatting
- Requirements: Code requirement validation
- Signature Type: Ad-hoc vs Full signing detection
- Certificate Chain: Signing authority tracking
- TXT: Clean, readable text format
- JSON: Structured JSON with full metadata
- HTML: Styled HTML with syntax highlighting
- PDF: Multi-page PDF with professional typography
- Share Sheet: Native iOS sharing integration
- C-String Extraction: ASCII/UTF-8 string detection
- Minimum Length Filter: Configurable string size
- Section-Aware: Extract from
__cstring,__text, etc. - Encoding Detection: Automatic charset recognition
- Security-Scoped Bookmarks: Persistent file access
- Automatic Cleanup: Stale bookmark refresh
- Swipe to Delete: Easy management
- Path Display: Full file path shown
Core Parsing (C)
MachOParser.c- Mach-O header/command parsingDisassemblyEngine.c- ARM64/x86_64 instruction decodingSymbolTable.c- Symbol table parsingDyldInfo.c- Dyld bind/rebase/export parsingObjCParser.c- Objective-C runtime analysisCodeSignature.c- Code signature parsingControlFlowGraph.c- CFG construction and analysisStringExtractor.c- String extraction
Services (Objective-C)
MachOParserService.m- Swift bridge for Mach-O parsingDisassemblerService.m- Disassembly service with pseudocodeObjCParserBridge.m- ObjC runtime bridge
Analysis (Swift)
CFGAnalyzer.swift- Control flow graph analysisXrefAnalyzer.swift- Cross-reference analysis with symbolic executionCFGModels.swift- Graph layout algorithms
UI (Swift + UIKit)
FilePickerViewController- File selection and recentsDecompileViewController- Main analysis orchestrationResultsViewController- Multi-tab results displayCFGViewController- Interactive CFG visualizationCFGGraphView- Custom Core Graphics rendering
- Bridge Pattern: C β Objective-C β Swift interop
- Service Layer: Decoupled parsing and analysis
- MVVM: Clean separation of data and presentation
- Delegates: UITableView, UIDocumentPicker protocols
- Factory Pattern: Model object creation
- Strategy Pattern: Multiple export formats
- C-Based Parsers: Maximum performance for binary parsing
- Lazy Loading: Parse on-demand for large binaries
- Efficient Memory: RAII patterns, proper cleanup
- Background Processing: Async analysis with DispatchQueue
- View Recycling: UITableView cell reuse
- Dynamic Layout: Adaptive CFG sizing
- iOS: 16.0 or later
- Device: iPhone or iPad
- Storage: ~50 MB app + space for analyzed files
- Architectures: ARM64 (device), x86_64 (simulator)
-
Clone the Repository
git clone https://github.com/speedyfriend433/ReDyne.git cd ReDyne -
Open in Xcode
open ReDyne.xcodeproj
-
Configure Signing
- Select your development team in Xcode
- Update bundle identifier if needed
-
Build and Run
- Select your target device/simulator
- Press
Cmd+Rto build and run
- Xcode 15.0+
- macOS 14.0+ (Sonoma)
- Active Apple Developer account (for device testing)
- Launch ReDyne on your iOS device
- Tap "Select Mach-O File" to open the file picker
- Choose a dylib/framework to analyze
- Wait for analysis (typically 2-10 seconds)
- Explore results across 11 tabs:
- File Info: Basic file metadata
- Mach-O Header: Magic, CPU type, file type, flags
- Segments: Segment/section analysis
- Symbols: Symbol table entries
- Disassembly: Annotated ARM64/x86_64 code
- Strings: Extracted string constants
- Functions: Detected function boundaries
- Xref: Cross-reference analysis
- ObjC Classes: Objective-C runtime data
- Imports/Exports: Dyld binding information
- Code Signature: Signing details and entitlements
- CFG: Interactive control flow graphs
Control Flow Graphs
- Tap any function to visualize its CFG
- Pinch to zoom in/out (0.05x to 3.0x)
- Drag to pan across large graphs
- Tap nodes to inspect basic blocks
Export Data
- Tap the share button in any tab
- Choose format: TXT, JSON, HTML, or PDF
- Share via AirDrop, Messages, Mail, etc.
Recent Files
- Files automatically saved to recents
- Swipe left to delete entries
- Tap to re-open (works even after app restart!)
Universal Binary Selection
- For fat binaries, choose specific architecture
- ARM64, ARM64e, x86_64 options shown
- Analysis tailored to selected slice
ReDyne implements production-grade instruction decoders with priority-based pattern matching:
ARM64 Decoder Priority:
- B/BL (immediate branches)
- RET/BR/BLR (register branches)
- STP/LDP (stack operations)
- Data Processing (arithmetic, logical)
- Load/Store (memory access)
- Conditional branches
- SIMD/FP operations
Decoding Features:
- Precise bit-field extraction
- Operand formatting (registers, immediates, addresses)
- Branch target calculation
- PC-relative address resolution
- Register usage tracking
Algorithm:
- Basic Block Detection: Split at branches, calls, returns
- Level Assignment: BFS traversal for hierarchical layout
- Node Positioning: Center-based coordinate system
- Edge Classification: Analyze branch types
- Loop Detection: Dominance-based back-edge identification
- Bounds Calculation: Include node + edge dimensions
- Dynamic Sizing: Content-aware canvas growth
Layout Features:
- Automatic spacing adjustment
- Edge overlap prevention
- Node size adaptation
- Loop-back edge handling
ReDyne uses iOS security-scoped bookmarks for persistent file access:
// On file pick
let bookmarkData = try url.bookmarkData(options: .minimalBookmark)
UserDefaults.standard.saveFileBookmark(bookmarkData, for: path)
// On file access
let url = try URL(resolvingBookmarkData: bookmarkData, options: .withoutUI)
url.startAccessingSecurityScopedResource()
// ... use file
url.stopAccessingSecurityScopedResource()This allows files to be accessed even after app restart or device reboot.
Contributions are welcome! Here's how you can help:
- Use GitHub Issues
- Include iOS version, device model
- Provide sample binary (if possible)
- Describe expected vs actual behavior
- Open a GitHub Issue with [Feature Request] tag
- Describe use case and benefit
- Link to relevant documentation/specs
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow existing patterns
- C code: RAII, clear ownership
- Swift: camelCase, clear types
- Comments for complex logic
- Update README if adding features
This project is licensed under the MIT License - see the LICENSE file for details.
MIT License
Copyright (c) 2025 speedyfriend433
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
speedyfriend433
- GitHub: @speedyfriend433
- Email: [email protected]
- ARM Architecture Reference Manual - Instruction encoding specifications
- Apple Mach-O Documentation - File format details
- iOS Developer Community - Testing and feedback
- Open Source Contributors - Issue reports and PRs
Codebase:
- ~15,000 lines of C/Objective-C/Swift
- 11 analysis modules
- 100+ ARM64 instruction types
- 50+ x86_64 instruction types
- 12 dyld bind opcodes
- 9 dyld rebase opcodes
Capabilities:
- Analyze 500KB dylib in ~3 seconds
- Disassemble 485,000+ instructions
- Generate CFGs with 158+ nodes
- Detect 863+ cross-references
- Parse 143+ exports per binary
Planned Features:
- Pseudocode generation
- Function renaming
- Binary patching
- Class Dump (60% done)
- Type reconstruction (50% done)
- Comment annotations
- Hex editor
- Memory dump analysis
- Universal Format support
- Network analysis
- Runtime C Decompiler & Branch
β οΈ Very large binaries (>100MB) may cause memory pressureβ οΈ Some complex ObjC runtime structures not yet parsedβ οΈ x86_64 coverage is not 100% (ARM64 prioritized)
See Issues for full list.
- Questions? Open a GitHub Discussion
- Bug? File an Issue
- Email: [email protected]
β Star this repo if you find it useful! β
Made with β€οΈ for the iOS reverse engineering community