Learning iOS Penetration Testing

· Packt Publishing Ltd
Ebook
204
Pages

About this ebook

Secure your iOS applications and uncover hidden vulnerabilities by conducting penetration testsAbout This BookAchieve your goal to secure iOS devices and applications with the help of this fast paced manualFind vulnerabilities in your iOS applications and fix them with the help of this example-driven guideAcquire the key skills that will easily help you to perform iOS exploitation and forensics with greater confidence and a stronger understandingWho This Book Is For

This book is for IT security professionals who want to conduct security testing of applications. This book will give you exposure to diverse tools to perform penetration testing. This book will also appeal to iOS developers who would like to secure their applications, as well as security professionals. It is easy to follow for anyone without experience of iOS pentesting.

What You Will LearnUnderstand the basics of iOS app development, deployment, security architecture, application signing, application sandboxing, and OWASP TOP 10 for mobileSet up your lab for iOS app pentesting and identify sensitive information stored locallyPerform traffic analysis of iOS devices and catch sensitive data being leaked by side channelsModify an application's behavior using runtime analysisAnalyze an application's binary for security protectionAcquire the knowledge required for exploiting iOS devicesLearn the basics of iOS forensicsIn Detail

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks.

Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications.

This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.

Style and approach

This fast-paced and practical guide takes a step-by-step approach to penetration testing with the goal of helping you secure your iOS devices and apps quickly.

About the author

Swaroop Yermalkar is a leading security researcher and technology evangelist. He is one of the top mobile security researchers worldwide, working with Synack Inc. He has worked as domain consultant in the Security Practice Group at Persistent Systems Ltd, India, where he was responsible for the security research and assessment of web, network, Android and iOS applications. He also gives talks and trainings on wireless and mobile app pentesting at various security conferences such as GroundZero, c0c0n, 0x90, DEFCON Lucknow, and GNUnify. He is acknowledged by Microsoft, Amazon, eBay, Etsy, Dropbox, Evernote, Simple bank App, iFixit, and many more for reporting high severity security issues in their mobile apps. He is an active member of null, an open security community in India, and a contributor to the regular meet-up and Humla sessions at the Pune Chapter. He holds various information security certifications, such as SLAE, SMFE, SWSE, CEH, and CHFI. He has written various articles for ClubHACK magazine and also authored a book, An Ethical Guide to Wi-Fi Hacking and Security. He has organized many eminent programs and was the event head of Hackathon—a national-level hacking competition. He had also worked with the Cyber Crime Cell, Pune, Maharashtra Police in programs such as Cyber Safe Pune. He can be contacted at @swaroopsy on Twitter.

Rate this ebook

Tell us what you think.

Reading information

Smartphones and tablets
Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.
Laptops and computers
You can listen to audiobooks purchased on Google Play using your computer's web browser.
eReaders and other devices
To read on e-ink devices like Kobo eReaders, you'll need to download a file and transfer it to your device. Follow the detailed Help Center instructions to transfer the files to supported eReaders.