Use of oTool for Static analysis

Architeture

$ otool -f BINARY

Encryption

$ otool -l BINARY | grep -A 4 LC_ENCRYPTION_INFO

ASLR

$ otool -Vh BINARY 
WH Quest:  
Mach header  
      magic cputype cpusubtype  caps    filetype ncmds sizeofcmds      flags
   MH_MAGIC     ARM          9  0x00     EXECUTE    45       4684   NOUNDEFS DYLDLINK TWOLEVEL BINDS_TO_WEAK PIE


// Usually the binary is compiled using the PIE flag

Stack Smashing Protection

// you should find certain symbols inside the binary (like _stack_chk_guard and _stack_chk_fail)
$ otool -v -l BINARY | grep stack

Automatic Reference Couting

// binaries built with this option should include symbols called _objc_release, _obj_autorelease, _obj_storeStrong, _obj_retain

$ otool -v -I BINARY  | grep release
0x008b8ce4 241789 _objc_autorelease  
0x008b8cf4 241790 _objc_autoreleasePoolPop  
0x008b8d04 241791 _objc_autoreleasePoolPush  
0x008b8d14 241792 _objc_autoreleaseReturnValue  
0x008b8ea4 241817 _objc_release  
0x008b8ed4 241820 _objc_retainAutorelease  
0x008b8ee4 241821 _objc_retainAutoreleaseReturnValue  
0x008b8ef4 241822 _objc_retainAutoreleasedReturnValue  
0x008b9504 241439 ___cxa_guard_release  
0x008b9674 241341 __Block_release  
0x008b9ab4 241551 _dispatch_release  
0x00a0c3f4 229369 __ZN11GPASWrapperI6GPHashE7releaseEv  
0x00a12e8c 241789 _objc_autorelease  
0x00a12e90 241790 _objc_autoreleasePoolPop  
0x00a12e94 241791 _objc_autoreleasePoolPush  
0x00a12e98 241792 _objc_autoreleaseReturnValue  
0x00a12efc 241817 _objc_release  
0x00a12f08 241820 _objc_retainAutorelease  
0x00a12f0c 241821 _objc_retainAutoreleaseReturnValue  
0x00a12f10 241822 _objc_retainAutoreleasedReturnValue  
0x00a13094 241439 ___cxa_guard_release  
0x00a130f0 241341 __Block_release  
0x00a13200 241551 _dispatch_release  

Dangerous Functions

# otool -v -I BINARY  | grep malloc
0x008b9f64 241776 _malloc  
0x00a1332c 241776 _malloc

# otool -v -I BINARY  | grep free  
0x008b9cb4 241583 _free  
0x008b9cc4 241584 _freeifaddrs  
0x00a13280 241583 _free  
0x00a13284 241584 _freeifaddrs  

Ref

HowTo: iOS Apps - Static analysis - blog.dornea.nu