Год издания: 2016
Автор: Yermalkar S.
Издательство: Packt Publishing
Качество: Издательский макет или текст (eBook)
Интерактивное оглавление: Да
Количество страниц: 204
Описание: iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks.
Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications.
This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
What You Will Learn
- Understand the basics of iOS app development, deployment, security architecture, application signing, application sandboxing, and OWASP TOP 10 for mobile
- Set up your lab for iOS app pentesting and identify sensitive information stored locally
- Perform traffic analysis of iOS devices and catch sensitive data being leaked by side channels
- Modify an application’s behavior using runtime analysis
- Analyze an application’s binary for security protection
- Acquire the knowledge required for exploiting iOS devices
- Learn the basics of iOS forensics
1: Introducing iOS Application Security
2: Setting up Lab for iOS App Pentesting
3: Identifying the Flaws in Local Storage
4: Traffic Analysis for iOS Application
5: Sealing up Side Channel Data Leakage
6: Analyzing iOS Binary Protections
7: The iOS App Dynamic Analysis
8: iOS Exploitation
9: Introducing iOS Forensics