Command-line forensic tool developed by Amnesty International's Security Lab to analyze iOS and Android device backups and logs for indicators of compromise by mercenary spyware such as Pegasus.
Android app by GrapheneOS that uses hardware-backed attestation to verify the integrity and authenticity of a supported device and its operating system, confirming it has not been tampered with.
iOS and iPadOS device manager for Windows and macOS that includes a free built-in spyware analyzer, powered by MVT detection logic, to scan a device backup for signs of compromise.
If you worry your phone has been targeted by mercenary spyware, or you simply want to confirm your device is running the operating system it claims, these tools help you check. They range from forensic scanners to hardware-backed attestation apps.
Forensic tools scan a phone backup for known traces of spyware like Pegasus, comparing it against published indicators of compromise. Attestation apps use the device’s secure hardware to verify the operating system has not been tampered with. They answer different questions, so the right one depends on your concern.
Most people will never need a spyware scan, but journalists, activists, and anyone in a high-risk position are real targets for commercial surveillance tools. Attestation is broader: it is useful any time you want assurance a device is genuine and unmodified before you trust it.
Run a forensic scan on a clean computer using a fresh backup of the phone, and follow the tool’s guidance on reading the results, since a single hit is not always proof. For attestation, install the app on a supported device and check it regularly rather than once.