IOS Security Professional

Who should attend?

This course is focusing on Security Enthusiasts, IT professionals, and Mobile Application Developers ,Testers,seeking to understand typical mobile application security issues in detail.

IOS Mobile Security Guidelines & Standerds
  • Mobile OWASP Top 10
  • IOS Security Mechanisms & Security Architecture
  • Secure Boot Chain
  • MVC And Event Driven Architecture
  • ARM Processor
  • Application Isolation
  • Data Encryption & Network Security
Environment Configurations & Setup
  • Analyzing permissions
  • iOS App Development Concepts
  • Simulator vs. Emulator
  • XCode methodologies
  • iOS Simulator
  • Jailbreaking Essentials
  • Jailbroken Device Setup
  • Custom App stores
  • Testing Tools Setup
Enumeration Primer
  • Installing SSL certificate
  • Device enumeration
  • App directories lookup
  • Mobile Substrate
  • SQLite Databases analysis
  • Plist Files Enumeration
  • Class Information Analysis
  • Decrypting Appstore Applications
  • Application Trace method analysis
  • Keychain Analysis & Loopholes
  • Network Traffic Analysis
Static & Dynamic Security Testing of Applications
  • Static code analysis of an application
  • Scanning IOS applications
  • Burp Suite Essentials
  • Certificate Pinning
  • Runtime Analysis with Cycript
  • Working with Cycript + Class-dump-Z
  • Advanced Cycript Methods
  • Snoop-it & Keychain Dumper
  • Local Data Storage Issues
  • Insecure Cryptography attacks
  • Attacking URL Schemes
Advanced Penetration Testing methods
  • Machine Level Analysis basics
  • Sensitive Files Issues at memory level
  • Runtime Analysis & manipulation with GDB
  • Anti-piracy with GDB
  • Brute forcing the passwords
  • Exploitation with Metasploit
IOS forensics Essentials
Jail-breaking Detection & Evasion
Patching IOS Applications
Automated IOS Pen testing
Black Box testing Approach & Analysis
Auditing IOS Applications