QR codes have quietly become one of the easiest ways to deliver malicious links. They show up in phishing kits, physical social‑engineering attempts, fake parking meters, restaurant menus, and even printed scam flyers. If you work in cybersecurity or DFIR, you’ve probably run into situations where you need to inspect a QR code without opening it.
The problem?
Most QR apps on iOS automatically open the link or make external requests. Many also include analytics or third‑party SDKs — not ideal when you’re handling suspicious payloads.
A colleague of mine built QR Lume, a small iOS utility designed specifically for this problem. It lets you safely inspect the raw contents of a QR code inside Apple’s sandbox, with zero telemetry and no third‑party tracking.
🔍 What it does
Shows the raw QR payload without opening anything
Runs fully inside Apple’s native sandbox
Makes no external requests unless you choose to
Contains no analytics, no tracking, no third‑party SDKs
Supports scanning from camera or photo library
Includes a hex + string viewer for deeper inspection
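The kind of offline inspection described above, as an added Python example (not QR Lume's code and not from the original article): it assumes a scanner has already decoded the QR code into raw bytes, and the function names, flag labels and sample payload are constructed for illustration.

```python
import ipaddress
import re
import string
from urllib.parse import urlsplit

PRINTABLE = set(string.printable) - set("\t\n\r\x0b\x0c")

def hex_view(data: bytes, width: int = 16) -> list:
    """Hex + string rows; bytes outside printable ASCII are shown as '.'."""
    rows = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if chr(b) in PRINTABLE else "." for b in chunk)
        rows.append(f"{off:04x}  {hexpart:<{width * 3 - 1}}  {text}")
    return rows

def triage(data: bytes) -> dict:
    """Classify a decoded payload and flag oddities. Performs no network I/O."""
    text = data.decode("utf-8", errors="replace")
    flags = []
    if any(ch not in PRINTABLE for ch in text):
        flags.append("non-printable")
    m = re.match(r"([A-Za-z][A-Za-z0-9+.-]*):", text)
    result = {"kind": m.group(1).lower() if m else "text", "host": None, "flags": flags}
    if result["kind"] in ("http", "https"):
        try:
            parts = urlsplit(text)
            host = parts.hostname or ""
            has_userinfo = parts.username is not None
        except ValueError:
            flags.append("malformed-url")
            return result
        result["host"] = host
        if result["kind"] == "http":
            flags.append("plain-http")
        if has_userinfo:
            flags.append("userinfo")  # text before '@' can disguise the real host
        if any(label.startswith("xn--") for label in host.split(".")):
            flags.append("punycode-host")
        try:
            ipaddress.ip_address(host)
            flags.append("ip-literal-host")
        except ValueError:
            pass
    return result

if __name__ == "__main__":
    sample = b"https://login.example.com@203.0.113.7/verify"  # constructed payload
    print("\n".join(hex_view(sample)))
    print(triage(sample))
```

Everything here is string parsing on the bytes in hand, so nothing is resolved, fetched or opened while the payload is being examined.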
🛡️ Why this matters
QR‑based phishing is growing, and mobile devices are often the weakest link. Having a safe, offline way to inspect QR data is useful for:
DFIR triage
Mobile security testing
Investigating suspicious physical QR codes
Teaching junior analysts safe inspection workflows
Privacy‑minded users who want to see what they’re scanning
📱 The app
If you’re curious, here’s the App Store link: QR Lume on the App Store
Would love feedback from anyone working in mobile security, DFIR, or privacy. What features would make a tool like this even more useful in your workflow?
This article was originally published by DEV Community and written by Brianna Morgan.