вівторок, 19 листопада 2013 р.

iOS app security testing

Після зданого проекту захотілося докопати тему до якогось логічного кінця. Відчував що проект ще не закінчений. Треба було приготувати Case Study, поділитися досвідом з іншими, підготувати черговий Security Hole #9.

Шукав довго, а все можна сказати лежало на поверхні. Частину ще навіть не встиг розпарсати але викладаю для пришвидшення вашого розвитку тут.


IOS Application security Part 1 – Setting up a mobile pentesting platform
IOS Application security Part 2 – Getting class information of IOS apps
IOS Application security Part 3 – Understanding the Objective-C Runtime
iOS Application Security Part 4 – Runtime Analysis Using Cycript (Yahoo Weather App)
IOS Application security Part 5 – Advanced Runtime analysis and manipulation using Cycript (Yahoo Weather App)
IOS Application Security Part 6 – New Security Features in IOS 7
IOS Application Security Part 8 – Method Swizzling using Cycript
IOS Application Security Part 9 – Analyzing Security of IOS Applications using Snoop-it
IOS Application Security Part 10 – IOS Filesystem and Forensics
IOS Application Security Part 11 – Analyzing Network Traffic over HTTP/HTTPS
IOS Application Security Part 12 – Dumping Keychain Data
IOS Application Security Part 13 – Booting a custom Ramdisk using Sogeti Data Protection tools
IOS Application Security Part 14 – Gathering information using Sogeti Data Protection tools
IOS Application Security Part 15 – Static Analysis of IOS Applications using iNalyzer
IOS Application Security Part 16 – Runtime Analysis of IOS Applications using iNalyzer
IOS Application Security Part 17 – Black-box assessment of IOS Applications using Introspy
IOS Application Security Part 18 – Detecting custom signatures with Introspy
IOS Application Security Part 19 – Programmatical Usage of Introspy
IOS Application Security Part 20 – Local Data Storage (NSUserDefaults, CoreData, Sqlite, Plist files)
IOS Application Security Part 22 – Runtime Analysis and Manipulation using GDB

1 коментар:

  1. Thanks for this blog. provided great information. All the details are explained clearly with the great explanation. Thanks for this wonderful blog. Step by step processes execution are given clearly.Know the details about different thing.
    Mobile App Development Company
    Android app Development Company
    ios app development Company
    Mobile App Development Companies

    ВідповістиВидалити