ios exploitation and security training
iOS Exploitation and security training is a division of Security Assessment Domain that concentrates on pentesting iOS Mobile Applications .This course is intended students/professionals who are intended to make career in mobile penetration testing domain.
The course covers in and out of Penetration testing of iOS Apps in depth .iOS Exploitation and Security course is a highly practical and instructor-led training. This course begins with very basics keeping beginners in mind. This iOS Exploitation and security training starts with an introduction into the specifics of the iOS platform so that candidates with or without deep knowledge of iOS are on the same track.
with iOS exploitation and security training candidate will learn iOS Architecture issues ,iOS Security standards ,Decryption of iOS applications , reversing the code quality , Scanning up the targeted issues , Exploiting the conman vulnerabilities of Device and iOS Apps, ,Forensics of iOS devices , Network monitoring on iDevices and finally some automated tools to complete the task. We will more concentrate on real world vulnerabilities in iOS applications, daemons, services, and Apple’s iMessage.
For each topic we have selected a number of previously disclosed real world vulnerabilities so that candidates can learn from real examples and not only via mock up bugs.
Moreover iOS exploitation and security training is designed as a complete guide to understand and practice iOS Mobile app hacking efficiently in real time. This is online certification Course by Certcube Labs .We will provide study material and references to get more understanding and learning .
CYBER SECURITY PRE-REQUISITE
- Mobile OWASP Top 10
- IOS Security Mechanisms & Architecture
- Secure Boot Chain
- MVC And Event Driven Architecture
- ARM Processor
- Application Isolation
- Data Encryption & Network Security
IOS pentesting basics
- iOS Security Model
- iOS File System isolation
- Application Sandbox
- iOS Device Architecture
- iOS App Development Background Concepts
- Simulator vs. Emulator
- Analyzing Application permissions
IOS lab setup
- XCode methodologies
- iOS Simulators
- Jailbreaking Essentials
- Jailbroken Device Lab Setup
- Exploring Custom App stores
- Setting up pentesting apps
- iOS PenTesting Tools Setup
ios application storage issues
- Application Storage Analysis
- Decrypting Appstore Applications
- File System and access security
- File System Data Protection Class
- Accessing the File Systems
- Application storages management
- Property list files basics
- Tampering with Property list files
- Investigating Plist files for stored credentials and process information
- iOS Database files analysis
- Snapshots Storage analysis
- Persistent Cookies in iOS
- Investigating Logs of applications
- Keyboard Cache snoop
- Cryptographic issues
- Accessing Keychains and Dumping data from keychains
sast pentesting ios applications
- Static code analysis of an application
- The need for Static Analysis Sources for Static Analysis
- The IPA file package container
- IPA file initialise on device IPA manual file installation
- The CodeResources
- Tampering with IPA Content
- Investigating View Controllers
- Investigating Info.plist file
- Listing all CFUR types on a device Investigating Binaries
- Understating of iOS Binary Application Structure Encryption
- Decrypting Applications Binaries
- Investigating binary content of App
- Hands-on Lab: Binary Static Analysis manual and automated
dast pentesting ios applications
- Scanning IOS applications
- Burp Suite Essentials
- Certificate Pinning
- Runtime Analysis with Cycript
- Working with Cycript + Class-dump-Z
- Snoop-it & Keychain Dumper
- Frida and Objection for Dynamic Analysis
- Insecure Cryptography attacks
- Attacking URL Schemes
- Client – Server Api and Web attacks
- Privilege Escalation methodologies
- Machine Level Analysis basics
- Sensitive Files Issues at the memory level
- Runtime Analysis & manipulation with GDB , IDA , Hooper
- Anti-piracy with GDB
- Audit IOS applications
- iOS Secure Development Best Practices
who should attend this training?
- Ethical hackers
- System Administrators
- Network Administrators
- Web admins
- Security Professionals
why should i take this training?
The era of technology is now growing every day but due to dependency on technology cyber frauds and attacks are also increased so to take defense for yourself and your business this is best suitable training to take entry in this domain.
prerequisite of the training ?
Common security concepts
Basic knowledge of the iOS development platform
what is the total duration of the training ?
Its an Instructor-led online training and the total duration of the training is 25 hours.
What People Are Saying
Today I've completed my one 2 one online training by Mr Naresh sir from Certcube Labs .
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
5 start training. Naresh is the best. He made me Zero to Hero in 3 months time. Little bit expensive compare to others ,but totally worth it .
We're Here To Help!
3500 , 1st Floor , Raja Park , New Delhi -110034 , India
WORKING Hours - isT
M-S : 10 AM - 7 PM