There comes a time in an app developer’s life when they begin to have questions:

“What API provides that information?”

“What library are they using to achieve that amazing animation?”

“Why can’t I have the addresses of1-star App Store reviewers?”

Dissecting apps is a relatively easy, fun and informative way to learn how things are done. It’s a skill that will help you learn how things are done.

IPA -> ZIP

iOS apps from the App Store come bundled as “IPA” files (no, not India Pale Ale). If you’re new to iOS you may not know that IPA files are simply zip files, you can rename them and unzip to take a look at the contents.

Now your mind may be blown.

How do I get the IPA? Download the app on your Mac using iTunes. Once you’ve downloaded it, find it in your library. Right click the app and select “Show in Finder”:

Show me the ipa

It’ll pop up a window with the IPA selected:

Hello there, ipa

Copy the IPA to your working directory of choice, change the extension from IPA to ZIP and double click. You’re in. Initially you won’t find much: iTunesArtwork, iTunesMetadata.plist, and the META-INF and Payload Directories:

What is this stuff?

Open the Payload directory and you’ll find the actual app bundle. An app bundle is really just a directory of various files. Right click on the app file and select “Show Package Contents”:

Show those beautiful contents

In this directory you’ll probably find a lot of image resources, plist files, fonts, and perhaps sound effects – any assets bundled with the application will be found here. It should go without saying, these images are likely copyright and it would be a poor choice, legally and ethically to use these resources in your own application. We can, however, learn from them. In this era of Flat Design fewer folks are using images and accomplishing a lot more with code but hints about UI tricks can often be found lurking in the images.

Asset Catalog (CAR)

Some develops take advantage of the asset catalog. If they do, their assets may show up in the application bundle as a CAR file. This one won’t be quite as simple as renaming to zip and unzipping but there are tools available to extract assets from an asset catalog, I’ve used AssetCatalogTinkerer with success.

Data Structures

I’ve worked on apps with complex data structures and looking at the models of existing apps and finding out more about their persistence methods has helped give me a great starting place. This is particularly useful if an app uses Plists or SQLite for persistence as you can view the keys and structure of the data they store. It can also provides peace of mind in knowing an app you provide with secure credentials is storing them responsibly.

Pods

What pods are they using?

Legally speaking (I’m not a lawyer) many open source library licenses require that the app redistribute the license text, sometimes with attribution, with the application. Does everyone follow this rule? By no means, but a lot do. Often you can hop in the OS settings or the app’s about view and look at the “Attribution” or “Open Source” tab to find information on what CocoaPods or open source libraries an application utilizes:

Here’s the acknowledgements for iA Write (whoa Netscape 1998)

Brother Charles

There’s a wonderful tool called Charles you can install on your Mac that acts as a proxy.

Awesome. What does that mean? You can look at the outgoing traffic from your iPhone.

Early last year I was beginning work on a pollen alert app that would help me manage my allergy problems (yes, I know there are many out there but they’re all ugly). I searched high and low for a pollen API that would provide me with the information I needed – I was unable to find anything. However, there were a few existing apps in the App Store that utilized pollen data. I set the wi-fi settings on my iPhone to use my Mac as a proxy, running my iPhone web traffic through my Mac (this page shows how to do that). In doing so, I was able to find three sources for pollen data (none of which appear to legitimately license them – but thats another story). Additionally you can use this to debug your own apps without altering your code. Hint: you can also use it with SSL secured APIs: http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/.

Ask the developer

Don’t be afraid to ask them how they did it. There are a ton of app developers actively using Twitter and a good bit of them are friendly, helpful people.

Use for Good, not evil

Could you take the assets from a developers application and pop them into your own? Certainly. Is that ethical? Absolutely not. Resist the temptation to use this knowledge for evil. Use it as a tool in your tool belt when developing your own apps. Also be aware of what other people can find when looking at the contents of your own applications – be wise about where you store sensitive information.

—

Jayson Lane is the founder of giddyapp, simple time tracking for freelancers and creatives.