iOS Application & Pentesting Background null Bangalore Humla 19 April 2025 iOS Pentesting Workshop
Abstract
● iOS Architecture Overview
● Understanding Jailbreak & Its Types
● Rootless vs. RootFul Jailbreaks
● Jailbreaking an iDevice (Multiple Methods)
○ Unc0ver, Palera1n (Rootful & Rootless), Dopamine, Dopamine RootHide, Bootstrap RootHide etc.
● Don't Get Jailbroken by a Jailbreak: Spot the Fakes!
● Physical Device vs. Corellium for Testing
● IPA File Structure Breakdown (Swift, Cordova, Flutter & XAMARIN)
● Installing iOS Applications on Jailbroken & Non-Jailbroken Devices (Various Methods)
● iOS Application Sandbox Structure
● Necessary Tools Installation
● Extracting & Dumping Decrypted IPA Files (Multiple Methods)
● Static Analysis of Applications (Manual & Automated Approaches)Exploring Some Basic Vulnerabilities:
● Testing Local Storage Security (Filza & Objection)
● Assessing Application Binary Protection
● Dumping & Analyzing Sensitive Data in Keychain
● Performing Memory Dumps
Speaker
Timing
Starts at Saturday April 19 2025, 09:00 AM. The sessions runs for about 4 hours.