iOS Reverse Engineering Consulting

mitmproxy, Frida, and binary analysis for lawful, defensible use cases: compatibility with your own product, recovery of a legacy codebase you've inherited, integration with a vendor that has no API.

protocol discovery via mitmproxy and runtime instrumentation via Frida
binary analysis for Swift and Objective-C iOS apps
scoped, lawful reverse-engineering for compatibility, research, or personal use

Recognition

App Store Best New Apps 2026 Product Hunt Product of the Day 2025 CES Best of Innovation 2021 CES Innovation Award 2021 Webby Honoree 2021 Google Material Design 2020

Credentials

Member of British Computer Society 2024 BEng (Hons) 2017 Apple WWDC Scholarship 2015

Tell me what you're working on, or grab a free 30-min scoping call. I reply within 48 hours.

work@drobinin.com Free 30-min call →

Related work

What clients say

"Vadim was instrumental to the success Epsy enjoyed on iOS, taking it from an idea on a Miro board to the highest rated and most downloaded app of its kind on the store."

James C. · Mobile Engineering Lead, Epsy

"We had a strict deadline, and Vadim managed to complete the job in time. He gave us meaningful feedback and suggested better approaches, not trying to blindly stick to our specification."

Founder · Pre-seed streaming service

"I can say with confidence that it will be difficult to find a better developer. Vadim is achievement-oriented, highly organized, with very good communication skills."

Alex Z. · Co-Founder, eda.so

Common engagements

Integrate with a vendor that won't ship an API

I scope the work to your own product or internal tooling, document the legal rationale before touching code, then reverse the protocol with mitmproxy and Frida. 1–3 weeks to a working client. The deliverable includes a change-detection harness so the integration tells you when the vendor's protocol has moved.

Assess your app's defence posture

Your app is being reverse-engineered in the wild. I review the threat model, recommend hardening measures, and hand over practical defences you can roll out.

Understand your own legacy codebase

Inherited an iOS codebase with a dead backend? I reverse-engineer your own app to tell you what it was doing.

Areas I cover

Traffic inspectionmitmproxy, Charles Proxy, SSL pinning bypass where legal, request replay for contract-aware clients.

Runtime instrumentationFrida for hooking Objective-C and Swift, tracing method calls, probing private APIs.

Static binary analysisHopper, Ghidra, class-dump, otool, nm. Used when Frida isn't enough or when reasoning about shipped binaries.

BLE and wirelessNordic nRF Sniffer, Ellisys for Bluetooth captures. Wireshark for non-HTTPS traffic.

Defeating pinningiOS-App-Proxy patterns and Frida scripts for common pinning libraries, applied only to apps you control or have been authorised to test.

Pricing

Advisory

£110

per hour

Architecture reviews, hiring help, second opinions on that thing that's been bugging you.

Available now

What work won't you take?

Cloning a competitor's product. Bypassing license enforcement. Anything that would embarrass both of us if it appeared on the front page of a newspaper.

Is reverse-engineering legal?

Jurisdiction-dependent and use-case-dependent. I take work where the use case is clearly defensible: you own the device or software, you're building compatibility for your own product, you're doing coordinated security research, internal tooling, or clearly personal use.

Do you do bug bounty / coordinated disclosure work?

Yes, with clear scope, responsible disclosure terms, and an agreement that any writeup is coordinated with the vendor.

How do I get a quote?

Two paths. If you need speed, send me a detailed brief and I'll quote from it (usually within 48 hours). If you'd rather talk first, book a free 30-minute scoping call and I'll quote after. Most clients who pick the brief path land on the call anyway once we get into the specifics, but the door is open either way.

How quickly can you start?

Advisory calls can happen within days. For project work, I typically need 1-2 weeks notice to clear the calendar, though I keep some buffer for urgent firefighting. Check the availability badges above for current openings.

Do you work with early-stage startups?

Yes, from pre-seed to Series C and beyond. For very early teams, the advisory tier often makes more sense than project work: you get architecture guidance without committing to a large engagement before you've validated the product.

What's included in the day rate?

Everything: code, architecture decisions, code review, documentation, async Slack availability during working hours. No surprise add-ons. I bill for time spent working on your project, not for "thinking about it in the shower."

How do you handle timezone differences?

Currently in Vancouver (PST) with full overlap for North American teams. For UK and Europe, I'm online by their afternoon. For Gulf or APAC, we'd agree on overlap hours and handle the rest async. I've worked with teams from San Francisco to Dubai.

Where I've worked CV · LinkedIn

Drobinin Limited Founder · 2025–present 12+ apps from idea to App Store. Featured by Apple in EMEA & Americas.

LivaNova (NASDAQ: LIVN) Senior iOS · 2020–2025 Epsy, an epilepsy management app. Shipped inside an FDA-regulated medical-device company. HIPAA, CES Innovation Award.

Sphere (acquired by Twitter/X) Senior iOS · 2017–2020 Early Employee. $30M funding to acquisition.

VK.com iOS Consultant · 2016–2017 Authored & delivered an onsite course on iOS development.

ToBox Lead iOS · 2015–2016 Built team, MVVM architecture, full Swift rewrite.

Need to reverse-engineer an iOS app or API?

Describe what you're working on, or book a free 30-min scoping call. I reply within 48 hours.

work@drobinin.com Book a free call →