Cydia Impactor

Cydia Impactor is a GUI tool for working with mobile devices. It has features already, but is still very much a work-in-progress. It is developed by saurik (Twitter and website).

You can use this tool to install IPA files on iOS and APK files on Android. It also can help you exploit the series of Android "Master Key" vulnerabilities.

NOTE: as of late 2019, Cydia Impactor can only install IPA files to an iPhone if you have a (paid) developer account; if you are attempting to use Impactor to install an IPA file and you have not paid your Apple tax, it will not function.


Download whatever the latest version of Cydia Impactor is for Mac OS X, Windows, Linux (32-bit), or Linux (64-bit). (These URLs will always redirect to the most recent versions, so feel free to directly link to the packages from howto guides.)

Note: Do not "Run as Administrator" Impactor; doing this makes drag/drop of files not work on Windows 10.

Also: Tons of people are downloading Cydia Impactor in an attempt to install some kind of Pokemon Go hack in the form of an IPA file... to their Android device... an IPA file is for devices running iOS only, not Android.

If you are on Windows, you may have to install a device driver to talk to your Android device over USB. If your device is not detected, use Impactor's USB Driver Scan feature to attempt to automatically construct and install a driver for your device. You do not need the Android SDK installed to use Impactor.

For iOS, if you are using wither Windows or macOS, you definitely need to have iTunes installed for this tool to work (for different reasons). You do not need Xcode installed to use Impactor (even for features such as signing IPA files).

To download new versions, use "Check for Updates..." under the Impactor menu from inside of the application. Impactor will also occasionally prompt about new versions that come out. (This feature is currently not available in the Linux versions.)


The Android "Master Key" vulnerability was found by Bluebox Security. For more information on how this bug works, I have done an overly-detailed article on the exploit technique.