iOS Hacking Course 1


Free Registration/Login to iOS Hacking Course

Pentesting iOS Applications
This course will walk through the methodology for identifying security issues in iPhone Devices and IOS applications. It is hands on video course teaching step by step, the basics of Network analysis, Static/runtime analysis, forensics and reverse engineering.
Module 1 Introduction to IDevices and IOS Applications
In this module, we will learn about the IOS operating system, design, security architecture and the various ways the platform protects its user from malware and other threats. We will discuss Sandboxing and application isolation principles.
Unit 1 Course Introduction
Module 2 OWASP Top 10 Mobile Risks
In this module, we will discuss the OWASP top 10 and how it relates to mobile security.
Unit 1 OWASP Top 10 Mobile Risks
Module 3 Jailbreaking and Installing Tools
In this module we will discuss briefly how to jailbreak the IOS device and install tools for analysis and Pentesting. We will install SSH, Cycript, Class dump Z, Wget, unzip, Erica utilities and much much more..
Unit 1 Jailbreak
Unit 2 SSH Install
Unit 3 SSH LOGIN
Unit 4 Before Installing Tools
Unit 5 Installing Tools
Module 4 XCode Basics
In order to learn about IOS hacking, it is always good to have some background on how iPhone applications are developed. In this module, we will show the inner workings of XCode and write couple of sample applications.
Unit 1 Intro to XCODE - Demo1
Unit 2 Intro to XCODE - Demo2
Module 5 IOS Network Communications.
In this module, we will discuss how to monitor the traffic that originates from IOS Application and browser. Monitoring network communication is a vital part in pentesting IOS applications.
Unit 1 Capturing Network Traffic
Module 6 IOS Forensics
This modules will discuss how to search for sensitive information within the iPhone device. We will look at Plist, SQLlite databases, Keychain, Browser caches etc.
Unit 1 Basic Forensics
Unit 2 PList
Unit 3 Keychain Container
Unit 4 IOS BinaryCookies
Module 7 Installing Custom Applications in IOS device
In this module, we will see how to install custom application is a real IOS device like iPhone, iPod, iPad. We will generate custom certificates and perform some hacks to accomplish this.
Unit 1 Deploying Custom App in IOS Device
Module 8 Develop Malicious Apps
In this course, we will show how it is possible to develop malicious apps. using UIPasteBoard.
Unit 1 Developing Malware POC
Module 9 Runtime Analysis using Class-Dump-Z and Cycript.
In this module, we will discuss how to extract class header information using Class-Dump-Z and perform runtime analysis using Cycript. We will also alter the flow of an application and change its behavior yo bypass authentication requirements.
Unit 1 Cycript Runtime Analysis
Module 10 Decrypting IOS Applications
We will discuss how to decrypt IOS applications using Clutch.
Unit 1 Decrypting IOS Applications
Module 11 Runtime Analysis using Introspy
We will discuss another approach to perform runtime analysis. We will take up two examples using this tool.
Unit 1 Runtime Analysis Using Introspy
Unit 2 Runtime analysis using Introspy 2
Module 12 Conclusion
We will summarize the various things learned in this course and provide useful references.
Unit 1 Course Summary