16
Basics of Jewel Joy n | u con

iOS Application Penetration Testing

Embed Size (px)

DESCRIPTION

null Trivandrum Chapter - July 2013 Meet

Citation preview

Page 1: iOS Application Penetration Testing

Basics of

Jewel Joy

n | u con

Page 2: iOS Application Penetration Testing

Faculty at NIIT

Developer

Information Security Analyst

Page 3: iOS Application Penetration Testing
Page 4: iOS Application Penetration Testing
Page 5: iOS Application Penetration Testing
Page 6: iOS Application Penetration Testing
Page 7: iOS Application Penetration Testing
Page 8: iOS Application Penetration Testing

iOS is from the famous UNIX family iOS is derived from the Mac OS X iOS for iPhone,iPad,iPod

Page 9: iOS Application Penetration Testing

Browser based applications Native Applications Hybrid Applications

Page 10: iOS Application Penetration Testing

Programmed using Objective – C Objective-C is OOP form of the famous C

language It is a mix of C language and Smalltalk Cocoa Touch Framework is used to build iOS

framework Xcode is the SDK for buliding iOS

applications

Page 11: iOS Application Penetration Testing

Xcode & Objective C Simulators Run the app in the actual device

Page 12: iOS Application Penetration Testing

Android Apps Java Mobile Apps Windows Phone Apps Windows Mobile Apps iOS applications

Page 13: iOS Application Penetration Testing

What is penetration testing ? Do we need to do it for mobile apps also ?

Page 14: iOS Application Penetration Testing

Secure Boot Chain Loading trusted applications Application Isolation Data Encryption

Hardware Crypto UID, GID Keys Data & File Protection Keychain File Encryption

Network Security

SSL and TLS VPN Wifi

Page 15: iOS Application Penetration Testing

Jail break & Unjailbreak

Evasion tool for Jailbreaking iTunes for Updating the device

Data in Transit Analysis

Wire Shark Burp Suite

Data in storage Analysis

iExplorer Keychain dumber Sqlite Browser Windows Machine Otools

Page 16: iOS Application Penetration Testing

Questions ?


Penetration testing Professional

Penetration testing Professional

Documents
OWASP Melbourne - Introduction to iOS Application Penetration Testing

OWASP Melbourne - Introduction to iOS Application Penetration Testing

Technology
Penetration Testing Methodologies Testing... · penetration testing, aiutando la comunità di sicurezza nella scelta del percorso migliore per il penetration testing. Il termine open

Penetration Testing Methodologies Testing... · penetration testing, aiutando la comunità di sicurezza nella scelta del percorso migliore per il penetration testing. Il termine open

Documents
iOS Application Penetration Testing for Beginners

iOS Application Penetration Testing for Beginners

Technology
Introduction to iOS Penetration Testing

Introduction to iOS Penetration Testing

Internet
Introduction to IOS Application Penetration Testing

Introduction to IOS Application Penetration Testing

Technology
Firewall Penetration Testing

Firewall Penetration Testing

Technology
BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

Documents
Penetration Testing Introduction to iOS - skosowski.com · Android folks? 3. Agenda 4 ... Source: Hacking and Securing iOS Applications - J. Zdziarski. Objective-C Call Graph 13

Penetration Testing Introduction to iOS - skosowski.com · Android folks? 3. Agenda 4 ... Source: Hacking and Securing iOS Applications - J. Zdziarski. Objective-C Call Graph 13

Documents
Penetration Testing Report - E-SPIN Group · Penetration Testing Report Independent / 3rd party Web Application Vulnerability & Security Assessment / Penetration Testing / Audit (come

Penetration Testing Report - E-SPIN Group · Penetration Testing Report Independent / 3rd party Web Application Vulnerability & Security Assessment / Penetration Testing / Audit (come

Documents
PENETRATION TESTING SERVICES - Opposition Security · PENETRATION TESTING SERVICES Opposition Security penetration testing services evaluate your security program in depth to find

PENETRATION TESTING SERVICES - Opposition Security · PENETRATION TESTING SERVICES Opposition Security penetration testing services evaluate your security program in depth to find

Documents
Penetration Testing Presentation

Penetration Testing Presentation

Documents
Penetration Testing - University of Texas at Dallascsi.utdallas.edu/...Penetration_Testing...Slides.pdf · Penetration Testing. What is penetration testing? Attempt to bypass security

Penetration Testing - University of Texas at Dallascsi.utdallas.edu/...Penetration_Testing...Slides.pdf · Penetration Testing. What is penetration testing? Attempt to bypass security

Documents
Writing a Penetration Testing Report - Abaxio · (Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd th, ... Title Black Box Penetration Testing

Writing a Penetration Testing Report - Abaxio · (Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd th, ... Title Black Box Penetration Testing

Documents
Web Application Penetration Testing · Penetration Testing By: Frank Coburn & Haris Mahboob. Take Aways Overview of the web app penetration ... §Penetration testing vs vulnerability

Web Application Penetration Testing · Penetration Testing By: Frank Coburn & Haris Mahboob. Take Aways Overview of the web app penetration ... §Penetration testing vs vulnerability

Documents
Ruxmon April 2014 - Introduction to iOS Penetration Testing

Ruxmon April 2014 - Introduction to iOS Penetration Testing

Technology
Web Applications Penetration Testingcs1160315/WebPenetration... · 2018. 3. 3. · Penetration testing typically includes network penetration testing and application security testing

Web Applications Penetration Testingcs1160315/WebPenetration... · 2018. 3. 3. · Penetration testing typically includes network penetration testing and application security testing

Documents
iOS Penetration Testing978-1-4842-2355...iOS Penetration Testing: A Definitive Guide to iOS Security Kunal Relan Noida, Uttar Pradesh India ISBN-13 (pbk): 978-1-4842-2354-3 ISBN-13

iOS Penetration Testing978-1-4842-2355...iOS Penetration Testing: A Definitive Guide to iOS Security Kunal Relan Noida, Uttar Pradesh India ISBN-13 (pbk): 978-1-4842-2354-3 ISBN-13

Documents
Introduction to iOS Penetration Testing - 0x00 · PDF fileAgenda 4 What we will cover: Introduction to iOS iOS security model Basics of Objective-C runtime Setting up testing environment

Introduction to iOS Penetration Testing - 0x00 · PDF fileAgenda 4 What we will cover: Introduction to iOS iOS security model Basics of Objective-C runtime Setting up testing environment

Documents
Network Infrastructure Penetration Testing and …...Network Infrastructure Penetration Testing and Ethical Hacking This course teaches penetration testing and will illustrate how

Network Infrastructure Penetration Testing and …...Network Infrastructure Penetration Testing and Ethical Hacking This course teaches penetration testing and will illustrate how

Documents
Learning iOS Penetration Testing - Sample Chapter

Learning iOS Penetration Testing - Sample Chapter

Technology
VAPT (Vulnerability Assessment & Penetration Testing) //Remedy · VAPT (Vulnerability Assessment & Penetration Testing) //Remedy A Division. In Penetration Testing, part of a security

VAPT (Vulnerability Assessment & Penetration Testing) //Remedy · VAPT (Vulnerability Assessment & Penetration Testing) //Remedy A Division. In Penetration Testing, part of a security

Documents
PENETRATION TESTING - Perspective Risk · PDF fileA PROVIDER OF PENETRATION TESTING SERVICES? ... Invariably, penetration testing means that the penetration testers will

PENETRATION TESTING - Perspective Risk · PDF fileA PROVIDER OF PENETRATION TESTING SERVICES? ... Invariably, penetration testing means that the penetration testers will

Documents
penetration testing

penetration testing

Technology
INFORMATION SHEET PENETRATION TESTING...Vulnerability scanning VS penetration testing Penetration testing distinguishes itself from general vulnerability scanning but the two phrases

INFORMATION SHEET PENETRATION TESTING...Vulnerability scanning VS penetration testing Penetration testing distinguishes itself from general vulnerability scanning but the two phrases

Documents
Penetration Testing Methodology

Penetration Testing Methodology

Documents
Penetration Testing Basics

Penetration Testing Basics

Technology
sap penetration testing sap penetration testing - Black Hat

sap penetration testing sap penetration testing - Black Hat

Documents
Chapter22 Penetration Testing

Chapter22 Penetration Testing

Documents
Penetration Testing - Brown University Departmentcs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-PenetrationTesti… · Penetration Testing 12/7/2010 Penetration Testing 1 What Is

Penetration Testing - Brown University Departmentcs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-PenetrationTesti… · Penetration Testing 12/7/2010 Penetration Testing 1 What Is

Documents