Completed
AppAttest Object
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Is Attestation All We Need? Fooling Apple's AppAttest API
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Igors background
- 3 Agenda
- 4 Coverage
- 5 Clientside protections
- 6 What is tampering
- 7 Antitampering methods
- 8 Resource integrity check
- 9 Trust
- 10 AppAttest API
- 11 Sample App
- 12 Generate Initial Key
- 13 Generate Hash Value
- 14 TestKey Function
- 15 Apples Server
- 16 AppAttest Object
- 17 Validation Steps
- 18 Risk Metric
- 19 Assertion Object
- 20 Verification
- 21 Assertion Object Validation
- 22 Does it mean we are protected
- 23 Not clear acceptance
- 24 Possible hooking patching
- 25 Bypass scenarios
- 26 Bypass Scenario 1
- 27 Bypass Scenario 2
- 28 iOS Versions
- 29 Validation
- 30 Benefits
- 31 Limitations
- 32 Should you implement it
- 33 Caveats
- 34 In conclusion
- 35 Resources
- 36 Thank you