Hacking and Pentesting iOS Applications (2020 Edition)
4.2 (127 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
11,491 students enrolled

Hacking and Pentesting iOS Applications (2020 Edition)

Learn how to pentest iOS Applications using the modern day pentesting tools and techniques
4.2 (127 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
11,491 students enrolled
Last updated 7/2020
English
English [Auto]
Current price: $139.99 Original price: $199.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 3.5 hours on-demand video
  • 2 articles
  • 1 downloadable resource
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Learn the fundamentals of iOS Application Penetration Testing
  • Learn how to pentest iOS Applications built using Objective-C
  • Learn how to Reverse Engineer iOS Apps using Hopper
  • Learn how to patch iOS Apps using Hopper to bypass Jailbreak detection
  • Learn how to patch iOS Apps using Hopper to bypass SSL Pinning
  • Learn how to bypass Jailbreak detection in iOS Apps using objection
  • Learn how to trace HTTP calls of an iOS app using Frida
  • Learn how to trace crypto calls made by an iOS app using Frida
  • Learn iOS Application Penetration Testing using the modern day tools and techniques - Good Bye to old school tools
  • Learn Mobile App Pentesting to begin your bug bounty journey
Requirements
  • The course covers all the required basics
Description

This course is created with an idea of saying Bye Bye to outdated iOS application penetration testing tools and techniques. Let us learn iOS Application Penetration Testing the right way with right tools and techniques.


This course introduces students to the security concepts associated with iOS Apps developed using Objective-C (Swift iOS Apps are not used in the course). This is an intermediate level course, which begins with beginner level concepts. This course covers a variety of concepts such as iOS Application structure, Reversing iOS Apps using Hopper, Bypassing client side restrictions such as Jailbreak detection, SSL Pinning etc. This course uses two vulnerable applications developed by the instructor to demonstrate how iOS App vulnerabilities can be identified and exploited. This course teaches you how to identify a variety of iOS App vulnerabilities such as Insecure Data Storage, Insecure Logging, Weak Jailbreak detection, insecure end to end encryption, SQL Injection etc.


The best part of the course is that you will get a detailed understanding of how to trace an iOS app's runtime and write a bunch of Frida scripts to pentest the target applications.

Who this course is for:
  • Penetration Testers
  • Mobile Application Developers
  • Security professionals who are interested in Mobile App Security
  • Anyone who is interested in ethical hacking and penetration testing
  • Anyone who is interested in information security concepts
Course content
Expand all 46 lectures 03:37:59
+ Basics of iOS Apps
3 lectures 08:44
Introduction
00:37
Introduction to iOS Apps
02:42
Helloworld iOS using Xcode
05:25
+ Setting up iOS Pentesting lab
8 lectures 44:38
Introduction
00:51
Challenges with iOS lab setup
05:36
Lab setup using a Jailbroken iDevice
09:57
Vulnerable Apps & VM - Download
00:17
Installing Vulnerable Apps on a Jailbroken iDevice
13:51
Lab setup using a Non Jailbroken iDevice - Part 1
04:08
Lab setup using a Non Jailbroken iDevice - Part 2
06:28
+ iOS Application Penetration Testing - Basics
13 lectures 53:47
Introduction
00:59
Introduction to iOS Application Pentesting
02:08
Insecure Local Data Storage vulnerabilities
10:58
Insecure Local Data Storage vulnerabilities - Non Jailbroken devices
05:48
Dumping secrets from keychain
06:25
Introduction to server side vulnerabilities - Part 1
01:32
Introduction to server side vulnerabilities - Part 2
03:03
Introduction to client side vulnerabilities
00:51
Authorization Vulnerabilties
06:56
Insecure Logging
02:17
Sensitive Data in UI Pasteboard
01:49
WebView XSS
01:38
+ iOS Application Penetration Testing - Advanced
19 lectures 01:47:44
Introduction
01:25
Decrypting iOS Applications downloaded from App Store
06:34
Introducing SecureStorev2
07:01
Dumping class information
05:37
Jailbreak detection bypass using Objection
04:12
Revisiting Insecure Local Data Storage
02:32
Revisiting Traffic Analysis
03:16
Introduction to Frida
01:08
Introduction to Frida CLI
02:33
Writing Frida scripts to trace http calls
14:16
Introduction to end to end encryption
08:31
Tracing crypto calls and dealing with end-to-end encryption
12:22
Using objection to dump crypto keys
03:53
Dumping heap using objection
03:06
Introduction to Hopper
00:49
Bypassing jailbreak detection using Hopper - iOS Application Patching
13:34
Introduction to SSL Pinning
04:36
iOS Application Patching - Bypassing SSL Pinning using Hopper
06:48