首先可以拿自己的ipa包進(jìn)行嘗試。

選擇你的ipa包，然后把后綴名改為zip美浦，解壓縮得到Payload文件夾坝咐，里面就是你的APP梗掰。

打開終端，直接cd到你的xxxx.app目錄下。具體做法，輸入cd敦第，然后把xxxx.app直接拖到終端里打個回車。

然后輸入otool店量，會顯示如下內(nèi)容：

    Usage: /Applications/Xcode9.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/otool [-arch arch_type] [-fahlLDtdorSTMRIHGvVcXmqQjCP] [-mcpu=arg] [--version] <object file> ...
    -f print the fat headers
    -a print the archive header
    -h print the mach header
    -l print the load commands
    -L print shared libraries used
    -D print shared library id name
    -t print the text section (disassemble with -v)
    -p <routine name>  start dissassemble from routine name
    -s <segname> <sectname> print contents of section
    -d print the data section
    -o print the Objective-C segment
    -r print the relocation entries
    -S print the table of contents of a library (obsolete)
    -T print the table of contents of a dynamic shared library (obsolete)
    -M print the module table of a dynamic shared library (obsolete)
    -R print the reference table of a dynamic shared library (obsolete)
    -I print the indirect symbol table
    -H print the two-level hints table (obsolete)
    -G print the data in code table
    -v print verbosely (symbolically) when possible
    -V print disassembled operands symbolically
    -c print argument strings of a core file
    -X print no leading addresses or headers
    -m don't use archive(member) syntax
    -B force Thumb disassembly (ARM objects only)
    -q use llvm's disassembler (the default)
    -Q use otool(1)'s disassembler
    -mcpu=arg use `arg' as the cpu for disassembly
    -j print opcode bytes
    -P print the info plist section as strings
    -C print linker optimization hints
    --version print the version of 
   /Applications/Xcode9.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/otool

有興趣的同學(xué)可以仔細(xì)研究一下每個命令是干嗎用的芜果，這里介紹幾個常用命令：

可執(zhí)行文件的名稱可以右鍵xxxx.app文件，選擇顯示包內(nèi)容融师，然后找到里面的exec文件右钾，把名字打進(jìn)去。一般來說這個文件的名字跟xxxx是一樣的
然后奇跡就出現(xiàn)了旱爆。舀射。。

    /System/Library/Frameworks/CoreBluetooth.framework/CoreBluetooth (compatibility version 1.0.0, current version 1.0.0)
    /System/Library/Frameworks/CoreData.framework/CoreData (compatibility version 1.0.0, current version 851.0.0)
    /System/Library/Frameworks/CoreGraphics.framework/CoreGraphics (compatibility version 64.0.0, current version 1161.21.0)
    /System/Library/Frameworks/MediaPlayer.framework/MediaPlayer (compatibility version 1.0.0, current version 1.0.0)
    /System/Library/Frameworks/QuartzCore.framework/QuartzCore (compatibility version 1.2.0, current version 1.11.0)
    /System/Library/Frameworks/UserNotifications.framework/UserNotifications (compatibility version 1.0.0, current version 1.0.0)
    @rpath/libswiftAVFoundation.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftAssetsLibrary.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCore.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreAudio.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreData.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreFoundation.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreGraphics.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreImage.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreLocation.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftCoreMedia.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftDarwin.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftDispatch.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftFoundation.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftMetal.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftObjectiveC.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftQuartzCore.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftUIKit.dylib (compatibility version 1.0.0, current version 902.0.54)
    @rpath/libswiftsimd.dylib (compatibility version 1.0.0, current version 902.0.54)
    .............

是不是很熟悉疼鸟？這個命令列出了你使用的所有庫的名字。

查看ipa包是否加殼：

otool -l 可執(zhí)行文件 | grep crypt

     cryptoff 16384
    cryptsize 6651904
      cryptid 0
     cryptoff 16384
    cryptsize 6553600
      cryptid 0

其中cryptid代表是否加殼庙曙，1代表加殼空镜，0代表已脫殼。我們發(fā)現(xiàn)打印了兩遍捌朴，其實代表著該可執(zhí)行文件支持兩種架構(gòu)armv7和arm64.

這里給大家推薦一個自動化檢測的神器：
MobSF
根據(jù)Document的提示自行研究一下吧吴攒。