Skip to main content

Penetration Testing Tools

Corellium virtual devices help penetration testers do more work in less time.

Limitless Device Combinations

Run any iOS version across dozens of iPhones plus select iPad and iPod Touch devices. Choose jailbroken or non-jailbroken and advanced options such as boot arguments, Pointer Authentication Codes, kernel patches, custom kernels, custom device trees, and many more.

You can also test on every major version of Android going back to Android 7.

Static and Dynamic Analysis

Use the built-in Apps, Files, and Console tools to access your virtual device's installed apps, filesystem, and shell environment. SSH into your device over a VPN or use Corellium's Quick Connect option.

Connect to all-in-one analysis tools like MobSF (Mobile Security Framework) to begin static analysis and dynamic analysis with just a few steps.


Save valuable setup time by instantly returning to a previously saved Snapshot, creating clones to run multiple tests from the same starting environment.

Never worry about bricking a device again with the ability to restore the device to a known working state.


For ease of use, we've included a Frida daemon in all iOS and Android virtual models. Use our built-in Frida tool or work on the command line. Please see our walkthrough Using Frida to Find Hooks to get started.

Our virtualized iOS and Android devices also support integration with objection, the runtime exploitation framework for Frida.

Network Traffic Analysis

Use the integrated Network Monitor to view live HTTPS traffic on your virtual iOS and Android devices.

Corellium allows you to intercept network traffic over a VPN with just a few steps. Watch our video on using Burp Suite to see how easy the process is.


Work smarter by leveraging our REST API, JavaScript API, and Python API. Learn about the capabilities by reading the documentation or our Simple API Example script.

Integrate directly into your GitHub Actions CI/CD workflows to automate building, deploying, and testing your code straight from the repository.