Trail of Bits hasn't shared what detections they're looking for with iVerify, but the app has extremely limited access to your device data - the device backup or full filesystem dump approaches will give you better detection.

Trail of Bits here -- while this is mostly correct, there are also parts of the runtime that dead file forensics won't be able to identify. There's no harm in doing both and, in fact, we'd recommend it if you're concerned.

"checks"

We're using most of the exact same file-based indicators as MVT. It's really refreshing that Amnesty shared so much of what they found -- it made our own process of testing our checks against their discoveries much easier.