There are many limitations when using the simulator for iOS app pentesting. The most important one is that you cannot install applications obtained from the App Store (iTunes) on the simulator: those binaries are compiled for the ARM architecture used by iDevices, whereas the simulator only runs binaries built for the Mac from source against the simulator SDK.
Therefore the basic requirement for pentesting an iOS app in the simulator is that you have the application's Xcode project (or at least a simulator build produced from it). A client rarely shares their Xcode project, as it is their intellectual property, so the simulator is an option only in that case, and even then with a limited scope.
Within that scope you can read the iOS Simulator's filesystem directly on the Mac and route the app's traffic through a proxy. Here you will learn how to use the Cycript utility, which is used for dynamic analysis, against an app running in the iOS Simulator.
You can get Cycript from http://www.cycript.org/ and run it directly from the command line (the binary in the macOS package is named cycript, lowercase):
#sudo ./cycript
Start the application in the simulator and get the PID of the app with the
ps command. Once you...
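The two steps above (find the app's PID with ps, then attach Cycript to it) as an added shell example; this is not code from the original text. It assumes a hypothetical app named TargetApp, that the cycript binary sits in the current directory as on the page, and that ps is the BSD ps shipped with macOS. The sample ps output embedded in the script is constructed to show the filter working offline, including the case where a plain grep for the app name would match the grep process itself or a similarly named test bundle.

```sh
#!/bin/sh
# Added example (not from the original text): locate the PID of an app running
# in the iOS Simulator and attach Cycript to it.
#
# Assumptions (not stated on the page): the app is called "TargetApp"
# (hypothetical), ./cycript is the macOS Cycript binary, and ps is BSD ps.

# Simulator apps run from a path of the form
#   .../CoreSimulator/Devices/<UDID>/data/Containers/Bundle/Application/<UUID>/TargetApp.app/TargetApp
# so matching "/<App>.app/<App>" at the end of the command avoids picking up
# the grep/awk process, this script, or a bundle such as TargetAppTests.app.
sim_app_pid_from_ps() {
    # $1 = app name; ps output in "pid command" form is read from stdin.
    # Prints the first matching PID, or nothing if the app is not running.
    awk -v app="$1" '
        $0 ~ ("/" app "\\.app/" app "($| )") { print $1; exit }
    '
}

sim_app_pid() {
    # -ww keeps BSD ps from truncating the long simulator paths.
    ps -A -ww -o pid= -o command= | sim_app_pid_from_ps "$1"
}

attach_cycript() {
    pid=$(sim_app_pid "$1")
    if [ -z "$pid" ]; then
        echo "$1 is not running in the simulator; start it first" >&2
        return 1
    fi
    echo "attaching cycript to $1 (pid $pid)"
    sudo ./cycript -p "$pid"
}

# Constructed sample ps output (not captured from a real system) used to
# demonstrate the filter without a running simulator.
SAMPLE_PS='  412 /usr/libexec/launchd
 2231 grep TargetApp
 2318 /Users/me/Library/Developer/CoreSimulator/Devices/0C1D.../data/Containers/Bundle/Application/7F2A.../TargetApp.app/TargetApp
 2320 /Users/me/Library/Developer/CoreSimulator/Devices/0C1D.../data/Containers/Bundle/Application/8A3B.../TargetAppTests.app/TargetAppTests'

demo() {
    # Returns the PID the filter selects from the constructed sample.
    printf '%s\n' "$SAMPLE_PS" | sim_app_pid_from_ps TargetApp
}

echo "sample filter picks pid: $(demo)"

# Real use: ./attach.sh TargetApp (after launching the app in the simulator).
if [ "$#" -gt 0 ]; then
    attach_cycript "$1"
fi
```

Once attached, Cycript drops you into its interactive prompt inside the app's process; a Cycript prompt that never appears usually means the PID belonged to a different process, which is exactly what the path-based filter above is meant to prevent.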