IOS Penetration Testing (Bug Bounty)
About Course
IOS Penetration Testing (Bug Bounty)
Description
This course introduces students to the IOS Pentesting & IOS Bug Bounty concepts associated with IOS application pentesting. We encourage you to take this course if you are a complete beginner in IOS bug bounty world. This course uses a custom-developed on Real World IOS application pentesting to demonstrate how, web vulnerabilities can be identified and exploited. This course teaches you how to identify a variety of IOS vulnerabilities lies in the Server-side, Client-side.
Requirements:
-
The course starts from basics, however, it is good to have basic knowledge of Web applications, API Pentesting & Android pen-testing.
Topics:
Introduction & Setting up your environment
- Mobexler OS
- Using MacOS on a Windows Machine
- Simulators and Emulators
- Jailbreaking and its Types
- Jailbreak iOS 15,16,17 devices
- Capturing HTTP Requests from an iOS device!
Introduction to iOS file Structure
- Introduction to iOS Applications
- All about Info .plist files
- Discovering UDID
- iPhone Shell
- Transferring data between iPhones and PC
- Extracting and Decrypting IPAs
- Sideloading iOS Applications
- iOS Data Protection
- iOS Keychain
- iOS App Capabilities and Purpose Strings
OWASP Mobile TOP 10 2024
- What is OWASP?
- M1: Improper Credential Usage
- M2: Inadequate Supply Chain Security
- M3: Insecure Authentication/Authorization
- M4: Insufficient Input/Output Validation
- M5: Insecure Communication
- M6: Inadequate Privacy Controls
- M7: Insufficient Binary Protections
- M8: Security Misconfiguration
- M9: Insecure Data Storage
- M10: Insufficient Cryptography
Static Analysis
- Automatic Static Analysis using MobSF
- FileSystem Analysis
- App Logs Analysis
- Hardcoded Credentials
- Database Analysis
- Keychain Analysis
- Pasteboard Analysis
- WebViews Analysis
- Applications Memory Analysis
- Insecure APIs/Functions Analysis
- Reverse Engineering using iRET
- Reverse Engineering using Hopper
Dynamic Analysis
- Tweaks, Cydia/Sileo, Substitute
- Installing Tweaks
- Installing Frida
- Jailbreak Detection
- Jailbreak Detection Bypass using Frida
- Jailbreak Detection Bypass using Shadow
- Jailbreak Detection Bypass using Liberty
- Jailbreak Detection Bypass using A-Bypass
- Jailbreak Detection Bypass using Objection
- Jailbreak Detection other Utilites
- SSL Pinning
- SSL Pinning Bypass using Frida
- SSL Pinning Bypass using SSL Kill Swtich
- SSL Pinning Bypass using Objection
- TouchID/FaceID Bypass
- iOS Security Framework iNalyzer
- Simple iOS app blackbox assessment tool – Passionfruit
- Objection Framework and its commands!
- Blackbox tool Introspy
- Dump Keychain Values – keychaindumper
- Read Cookies – BinaryCookieReader
- Load desired View Controller – Scwapper
- Solving Vulnerable Application – iGoat & DVIA
Multiple Live Attack PoCs
Learning from iOS Hacker one Reports
Tips & Tricks & Doubts
- IOS Pentesting Checklist
- Setting up your custom Methodology
- How to create your own Nuclei templates for iOS Pentesting Nuclei
- Using Objection and Frida without Jailbreaking the device
- IOS Frida Scripts
IOS Bug Bounty Hunting on Real World Applications
- Live IOS Bug Bounty Targets Hunting
Benefits :
- Get ISO Certified Certification
Course Content
Introduction to IOS Penetration Testing / Bug Bounty
-
Join IOS Penetration Testing Community Group to Join Live Classes
00:00