Hacking and Pentesting iOS Applications

Name: Hacking and Pentesting iOS Applications
Rating: 4.8 (714 reviews)

Learn how to pentest iOS Applications using the modern day pentesting tools and techniques

Created bySrinivas .

Last updated 7/2021

English

What you'll learn

Learn the fundamentals of iOS Application Penetration Testing
Learn how to pentest iOS Applications built using Objective-C
Learn how to Reverse Engineer iOS Apps using Hopper
Learn how to patch iOS Apps using Hopper to bypass Jailbreak detection
Learn how to patch iOS Apps using Hopper to bypass SSL Pinning
Learn how to bypass Jailbreak detection in iOS Apps using objection
Learn how to trace HTTP calls of an iOS app using Frida
Learn how to trace crypto calls made by an iOS app using Frida
Learn iOS Application Penetration Testing using the modern day tools and techniques - Good Bye to old school tools
Learn Mobile App Pentesting to begin your bug bounty journey

Course content

7 sections • 48 lectures • 3h 41m total length

Course Introduction2:35

Introduction0:51
Challenges with iOS lab setup5:36
Lab setup using a Jailbroken iDevice9:57
Vulnerable Apps & VM - Download0:28
Installing Vulnerable Apps on a Jailbroken iDevice13:51
Solution to issues with installing Vulnerable Apps0:41
Lab setup using a Non Jailbroken iDevice - Part 14:08
Learn to set up a lab on a non jailbroken iPhone by injecting a Frida dylib, patching an IPA with objection, and signing with Apple sign and a provisioning profile.
Lab setup using a Non Jailbroken iDevice - Part 26:28
Embed the Frida gadget into the app payload and deploy with iOS deploy to debug on a non-jailbroken device; trust the developer certificate and attach Frida to inspect the app.
Signing and installing a third party application3:30
[October Update] Re-verification of installation method2:03

Introduction0:59
Introduction to iOS Application Pentesting2:08
Introduction to iOS Traffic Analysis9:23
Insecure Local Data Storage vulnerabilities10:58
Insecure Local Data Storage vulnerabilities - Non Jailbroken devices5:48
Dumping secrets from keychain6:25
Introduction to server side vulnerabilities - Part 11:32
Identify server-side vulnerabilities in mobile apps by examining backend REST APIs. Explore issues like SQL injection, XXY, rate limiting, brute forcing, hidden APIs, and unintended data exposure.
Introduction to server side vulnerabilities - Part 23:03
Intercept login requests to reveal credentials in logs, expose cleartext passwords via backend responses, and demonstrate SQL injection that allows unauthorized access to user data.
Introduction to client side vulnerabilities0:51
Authorization Vulnerabilties6:56
Insecure Logging2:17
Explore how application logs can expose sensitive data, as passwords are logged to device console during testing. Learn to identify and prevent insecure logging in production apps, a client-side vulnerability.
Sensitive Data in UI Pasteboard1:49
WebView XSS1:38
Explore how a webview-based iOS app's secure store page can suffer client-side injection via man-in-the-middle tampering of remote HTML, enabling JavaScript execution and phishing credential theft.

Introduction1:25
Learn to bypass client-side restrictions in secure store v2 iOS apps using runtime manipulation, bypass jailbreak detection, handle end-to-end encryption and SSL pinning, and reverse engineer with Hopper disassembler.
Decrypting iOS Applications downloaded from App Store6:34
Introducing SecureStorev27:01
Dumping class information5:37
Jailbreak detection bypass using Objection4:12
Revisiting Insecure Local Data Storage2:32
This lecture shows how secure store v2 fixes local data storage by encrypting on-disk data, including tokens and bank details, while email remains unencrypted without the decryption key.
Revisiting Traffic Analysis3:16
Introduction to Frida1:08
Introduction to Frida CLI2:33
Introduction to frida-trace5:31
Writing Frida scripts to trace http calls14:16
Introduction to end to end encryption8:31
Explore how end to end encryption in mobile apps blocks pentest traffic and hides data. Discover methods like certificate handling, ssl pinning bypass, and runtime tracing to obtain keys.
Tracing crypto calls and dealing with end-to-end encryption12:22
Using objection to dump crypto keys3:53
Learn to use objection to hook iOS methods, monitor calls, and dump arguments, return values, and backtraces for practical iOS pentesting and key extraction.
Dumping heap using objection3:06
Introduction to Hopper0:49
Bypassing jailbreak detection using Hopper - iOS Application Patching13:34
Introduction to SSL Pinning4:36
iOS Application Patching - Bypassing SSL Pinning using Hopper6:48

Requirements

The course covers all the required basics

Description

This course is created with an idea of saying Bye Bye to outdated iOS application penetration testing tools and techniques. Let us learn iOS Application Penetration Testing the right way with right tools and techniques.

This course introduces students to the security concepts associated with iOS Apps developed using Objective-C (Swift iOS Apps are not used in the course). This is an intermediate level course, which begins with beginner level concepts. This course covers a variety of concepts such as iOS Application structure, Reversing iOS Apps using Hopper, Bypassing client side restrictions such as Jailbreak detection, SSL Pinning etc. This course uses two vulnerable applications developed by the instructor to demonstrate how iOS App vulnerabilities can be identified and exploited. This course teaches you how to identify a variety of iOS App vulnerabilities such as Insecure Data Storage, Insecure Logging, Weak Jailbreak detection, insecure end to end encryption, SQL Injection etc.

The best part of the course is that you will get a detailed understanding of how to trace an iOS app's runtime and write a bunch of Frida scripts to pentest the target applications. The best part of the course is that you will get a detailed understanding of how to trace an iOS app's runtime and write a bunch of Frida scripts to pentest the target applications.

Who this course is for:

Penetration Testers
Mobile Application Developers
Security professionals who are interested in Mobile App Security
Anyone who is interested in ethical hacking and penetration testing
Anyone who is interested in information security concepts

Hacking and Pentesting iOS Applications

What you'll learn

Explore related topics

Course content

Course Introduction1 lecture • 3min

Basics of iOS Apps3 lectures • 9min

Setting up iOS Pentesting lab10 lectures • 48min

iOS Application Penetration Testing - Basics13 lectures • 54min

iOS Application Penetration Testing - Advanced19 lectures • 1hr 48min

Conclusion1 lecture • 1min

Bonus Section1 lecture • 1min

Requirements

Description

Who this course is for: