mekos2772

mekos2772/ios-location-spoofer

JavaScript AGPL-3.0 Mobile Single maintainer risk

Standalone iOS app to spoof GPS location without jailbreak. Includes Shadowrocket/Surge/Loon/QX/Stash module.

1.9k stars
267 forks
active
GitHub +582 / week

1.9k

Stars

267

Forks

14

Open issues

8

Contributors

AI Analysis

This is a specialized iOS location spoofing tool that intercepts and modifies GPS coordinates returned by Apple's location services, allowing users to fake their location without jailbreaking. It works by integrating with proxy software (Shadowrocket, Surge, Loon, Quantumult X, Stash) to perform HTTPS decryption and coordinate manipulation. This tool is designed specifically for users who need location spoofing capabilities and have the technical knowledge to configure proxy software; it is n...

Mobile Security Tool Discovery value: 6/10
Documentation 8/10
Activity 9/10
Community 7/10
Code quality 5/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 7/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

location-spoofing ios-security proxy-integration mitm-proxy gps-manipulation
Actively maintained Well documented Niche/specialized use case AGPL-3.0 licensed Production ready
Deep Analysis · Based on README and public signals
7d ago

iOS GPS spoofing via proxy MITM: newly forked JavaScript port with multi-platform support, 4 days old.

iOS Location Spoofer is a JavaScript-based GPS location spoofing tool deployed as proxy modules (Shadowrocket, Surge, Loon, Quantumult X, Stash). It intercepts Apple's geolocation API responses and rewrites coordinates. Created June 30, 2026, it forks and refactors an earlier Go-based standalone app. The project targets users who want location simulation without jailbreaking, using existing proxy infrastructure (HTTPS MITM). Adoption remains unverified; the repository is extremely recent (4 days) with minimal activity signals.

Origin

Based on acheong08/ios-location-spoofer (a Go-based iOS app using VPN + MITM). This fork ports the core logic to JavaScript and extends it to five proxy platforms, removing the need for compilation or developer account enrollment. Claims to add cellular tower coordinate support, multi-format response handling, and motion state spoofing beyond the original.

Growth

Repository created June 30, 2026; gained 1,248 stars in 4 days with no stars in the last 7 days (as of July 4, 2026). Initial spike likely reflects discovery via tech forums or social media (README mentions LINUX DO community). Zero recent momentum suggests the early burst has plateaued or GitHub metrics lag behind actual activity.

In production

Adoption not verified. No public evidence of production deployments, user testimonials, or usage metrics. README claims 'tested implementations' (✅) but provides no aggregate adoption data, community size, or enterprise deployments. The 1,248 stars and 181 forks are recent (4 days) and may reflect discovery interest rather than active use. No app store presence mentioned; distribution is via manual module import into proxy apps.

Code analysis
Architecture

Likely a multi-target proxy module system: core JavaScript logic in `location-spoofer.js` shared across platforms, with platform-specific wrappers (.sgmodule, .lnplugin, .snippet, .stoverride). Includes a Node.js + Cloudflare Worker location-picker web tool for convenience. README does not provide code depth analysis; actual implementation quality cannot be verified from metadata alone.

Tests

Not documented in README. No mention of unit tests, integration tests, or CI/CD pipelines. Platform compatibility marked with ✅ (Shadowrocket, Surge, Loon, Stash) and 🟡 (Quantumult X 'awaiting test'). Real-world testing appears to rely on community reports rather than automated validation.

Maintenance

Last push: July 3, 2026 (1 day before analysis date). Created June 30, 2026. Repository is 4 days old. Presence of detailed bilingual README (Chinese + English code snippets), usage tutorial, and deployment options suggests active initial documentation effort. Too early to assess long-term maintenance patterns; no commit history depth available from metadata.

Honest verdict

ADOPT IF: you use one of the supported proxy apps (Shadowrocket, Surge, Loon, Stash), need silent GPS spoofing without jailbreak, accept the 4-day-old maturity and lack of adoption proof, and are comfortable troubleshooting via GitHub issues. Test first in non-critical scenarios. AVOID IF: you require production-grade stability guarantees, audit trails, or verification of real-world usage at scale. MONITOR IF: you're curious about proxy-based location interception and want to track whether this gains community traction or diverges into maintenance debt.

Independent dimensions

Mainstream potential

2/10

Technical importance

4/10

Adoption evidence

1/10

Risks
  • Project is 4 days old with zero growth in last 7 days; early-stage sustainability unknown. Abandonment risk is materially higher than mature tools.
  • Adoption metrics absent: no way to verify whether the 1,248 stars translate to active users or passive interest. Real usage may be negligible.
  • Platform support status inconsistent: Quantumult X marked 'awaiting test' (🟡). Edge-case failures likely undetected.
  • MITM proxy approach requires trusting the proxy app vendor and the module code; no formal security audit or transparency report documented. Malicious updates could silently intercept all location data.
  • Apple's API and iOS versions may evolve; no evidence of version-pinning or compatibility matrix in README. Future iOS releases could break the spoofing silently.
Prediction

If maintained, may stabilize as a niche tool within proxy app communities (Shadowrocket/Loon users), similar to CSS injection or DNS rule-set modules. Unlikely to reach mainstream adoption due to narrow use case (location spoofing is typically a personal convenience or testing tool, not a business need). Risk of dormancy if author's time investment declines post-launch surge.

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

JavaScript
99.6%
Vim Snippet
0.4%

Information

Language
JavaScript
License
AGPL-3.0
Last updated
4d ago
Created
1w ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Recent releases

No releases published yet.

Similar repos

Yu9191

Yu9191/wloc

This project modifies Apple's WiFi/cellular location services (gs-loc) to...

3.7k JavaScript Mobile
Schlaubischlump

Schlaubischlump/LocationSimulator

LocationSimulator is a macOS application that spoofs device locations for iOS,...

3k Swift Dev Tools
ZCShou

ZCShou/GoGoGo

GoGoGo (影梭) is an Android mock location tool that enables GPS spoofing without...

10.8k Java Mobile
ckcr4lyf

ckcr4lyf/EvilAppleJuice-ESP32

EvilAppleJuice-ESP32 is a specialized security research tool that exploits...

2.1k C++ Security
NobyDa

NobyDa/Script

NobyDa/Script is a collection of JavaScript automation scripts designed for iOS...

8.4k JavaScript Mobile
vs. alternatives
acheong08/ios-location-spoofer (original)

Original Go-based standalone iOS app. This fork adds multi-proxy support and extends feature coverage (cellular tower, motion state), but trades compilation-free operation for lighter dependency footprint.

iSponsorBlock + location modules (Surge/Loon)

Other proxy-based iOS spoofing or system-intercept modules. Less feature-specific documentation available; adoption baseline unknown.

Native jailbreak tweaks (e.g., LocationSpoofer from Cydia)

Require jailbreak; this project explicitly avoids that requirement, appealing to non-jailbroken user base.

VPN + manual location toggling

Simpler but requires manual action per location change. This project automates it via proxy rules.

Xcode simulator location override

Targets developers only; this targets end-users on physical iOS devices.