<img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/5eb252ab-43cc-4375-b659-a6e34f2eb9b0/4073090.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/5eb252ab-43cc-4375-b659-a6e34f2eb9b0/4073090.png" width="40px" /> Fully virtual and fully hands-on, this course with a veteran mobile security expert aims to arm security champions, advanced developers, testers and pentesters with the skills, in-depth knowledge and battle-proven techniques necessary to exploit and test iOS applications. The boutique course also covers unique platform features and security services that make developers’ lives easier – and create new difficulties for penetration testers. Starting from the ground up, the course discusses the Cupertino philosophy towards security on the iOS platform, consequent approaches to security mechanisms, developer choices and associated risks. You’ll get a quick start on analysing iOS applications both statically and using a physical device (nevertheless, an up-to-date iOS 15 device will do just fine as a build target in Xcode). You’ll learn to add Frida and Burp to your tooling arsenal. Attendees will complete the course with all of the knowledge they need to get hands-on with real mobile application testing and take their skills even further.
🗓️ Booking is open for classes:
SEP 20+22 [TU,TH] EU/UK/SG time
💳 Book now, secure your seat, get your corporate invoice or an individual payment link, pay later!
Via the booking/enrolment form or
def.dev | LinkedIn
🗣️ Contact us with any additional questions. Let's settle your concerns :) by setting up a call (form) or via [email protected] or dm to @defdeveu or call +32476222722
- iOS as a platform. Fundamentals of the iOS app security architecture. iBoot, the Secure Enclave, the Keychain, TouchID/FaceID.
- Building a test environment. Dependencies on the test device and on the Mac. Jailbreaking, tools and methods.
- Frida and Objection. How to script Frida and Objection. Frida 101. Advanced use of the Frida suite (frida, firda-trace etc.)
- Applications and binaries in iOS. Signatures, developer certificates and signature artifacts within an iOS binary. The Mach-O format. Security features and delicacies (encryption, fat binaries, thinning, load header analysis, iOS/Swift class header reconstruction etc.)
- Secure data storage issues within iOS apps. Analysing the binary, the IPA resources and the sandbox. Analysing data on the Keychain. Environment mapping and multiple ways to dump a sandbox of an iOS app.
- Cryptography. Tracing and mapping crypto in an iOS app. Instrumenting CCCrypt and any wrapper API. Detailed access to cryptographic primitives with input/output parameters and returned values using Frida and Objection.
- User authentication. Local non-biometric authentication, bypassing naively implemented local PIN screens. Local biometric authentication, typical design flaws and bypassability. Remote authentication, typical issues in OAuth2. How to combine flaws in local and remote authentication deployments.
- Network interactions. ATS, certificate pinning and bypassing restrictions to intercept network traffic using standard HTTP proxies (burp, mitmproxy) and non-HTTP traffic interception (socat).
- WebView issues. How to detect and exploit weak UIWebView/WKWebView instances in an application.
- Deep linking. How to identify weak and vulnerable implementations of Universal Linking/Custom Protocol Handlers. Fuzzing and exploitation.
Who should attend the training:
- Developers and testers who want to have an intimate understanding of how their applications can be attacked after release
- Pentesters who want to have an organized understanding of the subject and always want a trick up their sleeve
Attendees will be provided with:
- Detailed information on individual vulnerabilities and insecure patterns and how they can be exploited