What you'll learn:
- Learn the fundamentals of iOS Application Penetration Testing
- Learn how to pentest iOS Applications built using Objective-C
- Learn how to Reverse Engineer iOS Apps using Hopper
- Learn how to patch iOS Apps using Hopper to bypass Jailbreak detection
- Learn how to patch iOS Apps using Hopper to bypass SSL Pinning
- Learn how to bypass Jailbreak detection in iOS Apps using objection
- Learn how to trace HTTP calls of an iOS app using Frida
- Learn how to trace crypto calls made by an iOS app using Frida
- Learn iOS Application Penetration Testing using the modern day tools and techniques - Good Bye to old school tools
- Learn Mobile App Pentesting to begin your bug bounty journey
This course is created with an idea of saying Bye Bye to outdated iOS application penetration testing tools and techniques. Let us learn iOS Application Penetration Testing the right way with right tools and techniques.
This course introduces students to the security concepts associated with iOS Apps developed using Objective-C (Swift iOS Apps are not used in the course). This is an intermediate level course, which begins with beginner level concepts. This course covers a variety of concepts such as iOS Application structure, Reversing iOS Apps using Hopper, Bypassing client side restrictions such as Jailbreak detection, SSL Pinning etc. This course uses two vulnerable applications developed by the instructor to demonstrate how iOS App vulnerabilities can be identified and exploited. This course teaches you how to identify a variety of iOS App vulnerabilities such as Insecure Data Storage, Insecure Logging, Weak Jailbreak detection, insecure end to end encryption, SQL Injection etc.
The best part of the course is that you will get a detailed understanding of how to trace an iOS app's runtime and write a bunch of Frida scripts to pentest the target applications. The best part of the course is that you will get a detailed understanding of how to trace an iOS app's runtime and write a bunch of Frida scripts to pentest the target applications.