Autoplay
Autocomplete
Previous Lesson
Complete and Continue
iOS Application Security
Introduction to the Course
Teaser - iOS Application Security (1:32)
Revisiting iOS Application Security - v.2023
Download Training Presentation
Why Revisiting iOS Application Security? (3:26)
Setting up iOS Penetration Testing Lab in 2023 (13:47)
What's new?? (6:58)
iOS Platform Overview (18:23)
Understanding iOS Security Architecture (16:37)
Code Integrity in iOS (16:50)
Exploring Fast Permission Restrictions in iOS (7:05)
Understanding Pointer Authentication Code (6:15)
Demystifying Secure Boot Process (6:20)
Revisiting Signed System Volume and Code signing (6:39)
Encryption and Data Protection in iOS (9:44)
Basics of iOS Security
Basics Of iOS Security: iOS Security Mechanisms (11:05)
Basics Of iOS Security: iOS MCS and Sandbox (15:57)
Basics Of iOS Security: iOS Sandbox and Data Protection (17:42)
iOS Security Architecture Part -1 (9:49)
iOS Security Architecture Part -2 (6:44)
Mobile Provisioning Profile, Create sample app & Jailbreaking
Basics of Jailbreaking (6:00)
Mobile Provisioning, Creating sample app using Xcode (7:27)
Installing Jailbreak IPA without Cydia Impactor (11:01)
Managing apps on iOS device (33:32)
Setting up the Lab
Required tools for testing (6:53)
Jailbreaking device and shell access (10:41)
Static Analysis of iOS Applications
Static Analysis (17:35)
Static Analysis Solution (4:35)
Intercepting Network Traffic
Setting up the Network Interception (7:09)
Introduction to Frida (15:02)
Basic Frida Usage (15:04)
SSL Pinning Bypass via Frida (10:38)
Intercepting Device Traffic (4:45)
API Challenge Solution (13:27)
URL Scheme and Deeplinking (7:22)
Deeplink Solution (12:32)
Local Data Storage
Introduction to Data Storage and Filesystem Enumeration (9:13)
Finding Creds in Plist Files (2:39)
Finding Creds in Sqlite db Files (3:37)
Sqlite Challenge Solution (3:26)
Keychain Data Storage (9:48)
Introduction to Frida and Dynamic Testing
Jailbreak Detection Challenge (6:34)
Jailbreak Detection Solution (11:58)
Automation Using Objection (20:33)
Pentesting on non-jailbroken devices (16:11)
Getting Started With Reverse Engineering
Basics of Reverse Engineering with Radare2 - Part 1 (30:43)
Basics of Reverse Engineering with Radare2 - Part 2 (8:25)
Basic of Reverse Engineering with Radare2 - Part 3 (38:04)
Reverse engineering Swift apps
Reversing swift iOS apps with Radare2 - Part 1 (13:31)
Reversing swift iOS apps with Radare2 - Part 2 (24:38)
Some more advance stuff
Frida use case - UI brute force with Frida (10:08)
Binary Patching Using Ghidra To Bypass SSL Pinning (20:06)
Getting started with kernel debugging (14:52)
Revisiting iOS Application Security...The Hidden Code (12:26)
Credits and Acknowledgments
Credits and Acknowledgements (2:40)
Teaser - iOS Application Security
Complete and Continue