Tool

CLI

Incident Response & Management

mvt

by mvt-project

12.0Kstars

1.2Kforks

267watchers

Updated 3 months ago

About

MVT (Mobile Verification Toolkit) automates forensic analysis of Android and iOS devices to detect signs of spyware compromise.

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Primary Use Case

This tool is primarily used by digital forensics experts and investigators to gather and analyze forensic traces from mobile devices potentially targeted by sophisticated spyware. It aids in incident response and threat hunting by scanning devices against known indicators of compromise, especially in cases involving human rights defenders and civil society members.

Key Features

Automated forensic data collection for Android and iOS devices
Support for scanning devices using public indicators of compromise (IOCs)
Developed and maintained by Amnesty International Security Lab
Integration with forensic methodologies from the Pegasus Project
Command-line interface tailored for technologists and investigators
Regular updates with new threat intelligence and IOCs
Open source with a dedicated license to prevent misuse
Extensive documentation and community support

Installation

Ensure Python 3 and dependencies are installed (see documentation)
Run `pip3 install mvt` to install the toolkit from PyPI
Refer to official documentation for alternative installation methods and troubleshooting

Usage

>_ mvt-ios

Command to perform forensic analysis and scanning on iOS devices

>_ mvt-android

Command to perform forensic analysis and scanning on Android devices

Security Frameworks

Reconnaissance

Collection

Discovery

Detection

Response

Usage Insights

Integrate MVT with threat intelligence platforms to automate IOC updates and enhance detection accuracy.
Use MVT in purple team exercises to simulate forensic investigations and improve incident response workflows.
Leverage MVT’s CLI capabilities to build automated forensic triage pipelines for rapid incident analysis.
Combine MVT outputs with SIEM tools to enrich alerts with mobile device compromise indicators.
Train blue team analysts on MVT usage to empower rapid mobile device compromise assessments during incidents.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about mvt. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile

Red Team60%

Blue Team90%

Purple Team80%

Details

LicenseOther

LanguagePython

Open Issues352

Topics

forensics

mobile

security

android

ios

forensics-tools

Related Tools

post-mortems

danluu/post-mortems

Documentation

A collection of postmortems. Sorry for the delay in merging PRs!

11.6K

10 months ago

Detect-It-Easy

horsicq/Detect-It-Easy

Tool

Program for determining types of files for Windows, Linux and MacOS.

10.0K

3 months ago

howtheysre

upgundecha/howtheysre

Documentation

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

9.4K

8 months ago