
Set up the Mobexler environment for iOS pentesting by installing the mob file on VMware or VirtualBox, tuning RAM, and exploring bundled tools like burpsuite, grapefruit, and objection.
Learn how iOS applications are packaged as ipa bundles, with a name.app containing assets, frameworks, info.plist, and payload, and how code signatures and core data influence installation and testing.
Understand udid, a 40-digit unique device identifier that identifies an iOS device and parallels a mac address. View udid in the iPhone about section or in Finder when connected.
Learn how to securely copy files from an iOS device to a PC using SCP over SSH, specifying port 22, root authentication, and verifying the password.txt file transfer.
Explore extracting and decrypting ipas within the complete iOS pentesting & bug bounty course, using frida iOS dump, frida setup, ssh over usb, and the dump script.
Learn to sideload iOS apps by manually signing and installing them with Altstore. The video covers two methods, including using Apple ID sign-in, seven-day expiry, and a three-app limit.
Explore insecure data storage from OWASP Top Ten 2016, where usernames and passwords are stored in a local database or clear text on the device file system, risking attacker access.
Explore insecure communication and authentication in mobile apps, including HTTP use, outdated TLS, TLS pinning bypass, OTP leakage, privacy leaks, and weak password policies that enable unauthorized access.
Analyze insufficient cryptography by examining weak hashing algorithms like md5 and sha-1 in a vulnerable iOS app, and advocate for strong hashing and encryption practices.
Explore OWASP mobile risk categories M6 through M10, including secure authorization, access control, code tampering, reverse engineering, and extraneous functionality, with defenses like signature verification and code obfuscation.
Discover how core data uses sqlite for persistent storage and how insecure storage can expose sensitive user information. Encrypt data before storing it with strong encryption.
Explore how iOS web views load websites inside apps and how javascript vulnerabilities like cross-site scripting can be exploited across Uiwebview, Webview, and Safari View Controller.
Learn to locate insecure APIs and memory allocation functions in an app binary using a grep-based verification workflow, spotting MD5, SHA1, random, and malloc usage for reporting.
Perform dynamic analysis of iOS apps, and learn how jailbroken devices use tweaks, substitute, and third-party app stores like Cydia or Sileo to install and manage tweaks.
Learn how to bypass jailbreak detection using Liberty Lite by installing it from a repository, enabling it, and validating that jailbreak detection is bypassed within apps.
learn how a bypass tool evades jailbreak detection on iOS 14 and later by installing from a source and enabling the bypass to demonstrate detection evasion.
Discover how objection, a runtime mobile exploration toolkit, enables iOS jailbreak detection bypass by hooking apps, running iOS jailbreak disable, and returning not jailbroken.
Explore bypassing jailbreak detection in iOS apps using a range of tweaks and scripts, and review resources to evaluate which approach best helps pentest targets.
Learn to bypass local authentication by spoofing touch ID and face ID on iOS apps using Frida and objection, covering setup, commands, and demo scenarios.
Perform a live attack on the 99 acres iOS app to demonstrate static and dynamic analysis, including jailbroken-device checks, secrets exposure, and rate-limiting vulnerabilities.
Explore an iOS pentesting mind map outlining static and dynamic analysis checks and tools to uncover vulnerabilities. It includes app ecosystem, sensitive strings, weak crypto, SSL pinning, and jailbreak detection.
Link to article: https://infosecwriteups.com/frida-objection-without-jailbreak-27a66501bf38
Link to Hacker Reports:
https://hackerone.com/reports/746541
https://hackerone.com/reports/7036
https://hackerone.com/reports/168538
https://hackerone.com/reports/575562
https://hackerone.com/reports/328486
Link to Frida Scripts: https://github.com/TheBountyBox/Awesmoe-Frida-Scripts
WhatsApp Group Link: https://chat.whatsapp.com/BOsUK5sS2L0B9T3XEFiDJb
My social handles:
Linkedin: https://www.linkedin.com/in/vaibhav-lakhani
Twitter: https://www.twitter.com/vlakhani28
Instagram: https://www.instagram.com/vlakhani28
Follow our Social Media Pages:
Medium: https://medium.com/@302Found
Instagram: https://instagram.com/__302found
Twitter: https://twitter.com/_302found
Linkedin: https://www.linkedin.com/company/302found
Welcome to The complete iOS Pentesting & Bug Bounty Course. This course covers about how security works in iOS devices and how vulnerabilities can be found in iOS applications.
The course starts with the basics of how you can set up your hacking environment and then gradually moves on to how security works in iOS Applications.
The course also shows you the different types of Jailbreak and how you can Jailbreak your iOS Device.
The course also covers OWASP Mobile Top 10 and would cover all the categories of OWASP Mobile Top 10 with practical examples.
The course also includes a detailed overview of iOS Security such as Keychain, Device Management, Data Protection etc.
The major section of iOS Pentesting is the Static and the Dynamic Analysis where most of the vulnerabilities would be covered with practical approaches. These approaches can also be used to find vulnerabilities in bug bounty programs.
At the end of the course, you would be exposed to certain Tips and Tricks that will make your upgrade iOS Pentesting skills. These tips will help you to differentiate yourself from others.
This course also includes the Breakdown of some Hackerone Reports which are found and submitted by other hackers for better understanding.