SpoofGeo — macOS Geolocation Spoofing Tool

A native macOS application for overriding geolocation data reported by web browsers and the operating system. Built with SwiftUI, targeting macOS 14 (Sonoma) and later.

Developed by Terabitlab.

---

Overview

SpoofGeo intercepts and replaces the geolocation coordinates returned by browser APIs (navigator.geolocation) with user-defined values. It supports Chromium-based browsers via the Chrome DevTools Protocol (CDP) and Safari via AppleScript JavaScript injection.

The tool is intended for software testing, development, and research scenarios where deterministic geolocation data is required.

Screenshots

Spoof View	Test View

Apps View	Browser Result

Architecture

SpoofGeo/
├── SpoofGeoApp.swift              # Application entry point (@main)
├── Views/
│   ├── MainView.swift             # Tab navigation (Spoof / Test / Apps)
│   ├── SpoofView.swift            # Map interface, coordinate input, search
│   ├── TestView.swift             # Location verification, diagnostic report
│   └── AppsView.swift             # Per-application spoof management
├── Services/
│   ├── LocationStore.swift        # Central state (ObservableObject), spoof lifecycle
│   ├── BrowserSpoofer.swift       # CDP + Safari JS injection engine
│   ├── AppLauncher.swift          # App launch with DYLD hook or browser spoof
│   ├── DylibManager.swift         # Inline Obj-C dylib compilation (CLLocationManager swizzle)
│   ├── SpoofConfig.swift          # Shared config file (/tmp/spoofgeo_config.json)
│   ├── SimHelper.swift            # iOS Simulator location via xcrun simctl
│   ├── SearchCompleter.swift      # MKLocalSearchCompleter wrapper
│   ├── GPXExporter.swift          # GPX XML generation
│   └── Coords.swift               # Coordinate parsing ([lat, lon] formats)
└── Assets.xcassets/               # App icon, accent color

Spoofing Methods

1. Chrome DevTools Protocol (CDP)

For Chromium-based browsers (Chrome, Edge, Brave, Arc, Opera, Vivaldi, Chromium):

1. The browser is launched with --remote-debugging-port=9222
2. SpoofGeo connects to the CDP endpoint at http://localhost:9222/json
3. For each page tab, it opens a WebSocket connection and sends:
   • Page.addScriptToEvaluateOnNewDocument — registers a persistent script that executes on every navigation, ensuring the override survives page loads
   • Runtime.evaluate — injects the override into the currently loaded page immediately
4. The injected JavaScript replaces:
   • navigator.geolocation.getCurrentPosition()
   • navigator.geolocation.watchPosition()
   • navigator.geolocation.clearWatch()
   • navigator.permissions.query() (returns {state: 'granted'} for geolocation)
5. A periodic timer (3-second interval) re-injects into new tabs

This approach is more reliable than Emulation.setGeolocationOverride, which requires a persistent WebSocket connection per tab and loses its effect when the connection closes.

2. Safari JavaScript Injection

For Safari:

1. SpoofGeo enables "Allow JavaScript from Apple Events" via defaults write
2. It enumerates all Safari windows and tabs via AppleScript
3. The same geolocation override JavaScript is injected into each tab using do JavaScript
4. The override persists until the page is navigated away or reloaded

3. DYLD Hook (Native Apps)

For non-hardened native macOS applications:

1. An Objective-C dylib is compiled inline via xcrun clang (universal: arm64 + x86_64)
2. The dylib swizzles CLLocationManager methods (location, startUpdatingLocation, requestLocation)
3. The target app is launched with DYLD_INSERT_LIBRARIES pointing to the compiled dylib
4. Coordinates are read from /tmp/spoofgeo_config.json at runtime

4. iOS Simulator

For booted iOS Simulators:

• Location is set via xcrun simctl location booted set <lat> <lon>

Requirements

Component	Version
macOS	14.0 (Sonoma) or later
Xcode	15.0 or later
Swift	5.9+

The application requires:

• App Sandbox disabled (for Process() calls, file writes, simctl access)
• Hardened Runtime disabled (for DYLD injection support)
• Location Services permission (for CLLocationManager access)

Build

# Clone
git clone https://github.com/<your-org>/SpoofGeo.git
cd SpoofGeo

# Build (Release)
xcodebuild -project SpoofGeo.xcodeproj \
  -scheme SpoofGeo \
  -configuration Release \
  -derivedDataPath build/derived \
  CODE_SIGN_IDENTITY="-" \
  ENABLE_HARDENED_RUNTIME=NO

# The .app bundle is at:
# build/derived/Build/Products/Release/SpoofGeo.app

Create DMG

bash build_dmg.sh
# Output: SpoofGeo.dmg

Usage

Chrome / Chromium Browsers

1. Open the Apps tab
2. Click Spoof next to Chrome — this relaunches Chrome with the CDP debug port
3. Navigate to any website that requests geolocation
4. Set your desired coordinates on the Spoof tab
5. Click Start Spoof — the override is injected into all open tabs

Safari

1. Click Start Spoof — SpoofGeo automatically enables "Allow JavaScript from Apple Events"
2. If Safari was already running, quit and reopen it manually (one-time requirement)
3. The geolocation override is injected into all open tabs

Native Apps (DYLD)

1. Open the Apps tab
2. Click Build Hook to compile the dylib
3. Click Spoof next to a non-hardened app — it relaunches with the DYLD hook

Limitations

• Hardened apps: SIP-protected applications (most Apple-signed apps) cannot be injected via DYLD
• Firefox: No remote geolocation API; requires manual configuration via about:config
• Safari: JavaScript injection does not persist across page navigations; the override is page-scoped
• CDP: Requires Chrome to be launched with the debug flag; existing sessions without the flag cannot be spoofed

License

MIT License — see LICENSE.

Credits

Developed by Terabitlab.