IOS Penetration Testing
Vorschau wird generiert...
iOS Penetration Testing A Definitive Guide to iOS Security — First Edition — Kunal Relan www.allitebooks.com iOS Penetration Testing A Definitive Guide to iOS Security First Edition Kunal Relan www.allitebooks.com iOS Penetration Testing: A Definitive Guide to iOS Security Kunal Relan Noida, Uttar Pradesh India ISBN-13 (pbk): 978-1-4842-2354-3 DOI 10.1007/978-1-4842-2355-0 ISBN-13 (electronic): 978-1-4842-2355-0 Library of Congress Control Number: 2016960329 Copyright © 2016 by Kunal Relan This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein. Managing Director: Welmoed Spahr Lead Editor: Nikhil Karkal Technical Reviewer: Nishant Das Patnaik Editorial Board: Steve Anglin, P
… Laden Sie die Originaldatei herunter, um das vollständige Dokument zu lesen.
- Dokumentenname
- IOS Penetration Testing
- Autor (im Dokument)
- Kunal Relan
- Inhalt
- Tài liệu này là một hướng dẫn chi tiết về kiểm thử xâm nhập trên nền tảng iOS, bao gồm các kỹ thuật, công cụ và phương pháp để đánh giá bảo mật. Nó cung cấp kiến thức cần thiết để xác định và khai thác các lỗ hổng bảo mật trên iOS.
- Inhaltsverzeichnis
- Contents About the Author
- About the Technical Reviewer
- Acknowledgments
- Introduction
- ■Chapter 1: Introduction to iOS
- iOS Introduction
- Security History
- Code Signing
- Data Execution Prevention (DEP)
- Address Space Layout Randomization (ASLR)
- Sandbox
- iOS Boot Procedure
- Updates
- What’s New?
- System Insight
- iOS System Hierarchy
- Applications
- Library
- Bin Folder
- Dev Directory
- Lib Folder
- Sbin Directory
- www.allitebooks.com ■ CONTENTS Tmp Directory
- Developer Directory
- System Directory
- Boot Directory
- Etc Directory
- mnt Directory
- usr Directory
- var Directory
- User Directory
- Private Directory
- iOS Application Overview
- Summary
- ■Chapter 2: iOS App Development Basics
- Introduction to Objective-C and Swift
- Objective-C Runtime
- Basic Terminology in Objective-C
- Object Creation
- Data Types
- Methods
- Instance Methods
- Class Methods
- Introduction to Swift
- Swift Runtime
- Compatibility with Objective-C
- Stored Properties
- Classes and Methods
- Structures
- Introduction to Xcode
- Getting Started with Xcode
- Cocoa Framework
- CocoaPods
- Hello World with Swift
- iOS Application Architecture
- Summary
- ■Chapter 3: iOS App Vulnerabilities and Jailbreaking
- Introduction to Security and Vulnerabilities in iOS
- What Is Jailbreaking?
- Jailbreaking iOS
- SSHing in iOS
- Installing the Tools
- Installing class-dump
- Installing the libimobiledevice Library
- Installing Cycript
- Setting Up a Proxy
- Installing Keychain Dumper
- Common iOS Vulnerabilities
- Buffer Overflows
- Invalidated Input
- Privilege Escalation
- Insecure Data Storage
- Insecure Transport Layer
- Client-Side Injection
- Weakness in Authentication and Authorization
- Summary
- www.allitebooks.com ■ CONTENTS ■Chapter 4: Blackbox Testing iOS Apps
- Intercepting Network Traffic
- Defeating User Validation
- Damn Vulnerable iOS App: DVIA
- Performing Runtime Analysis
- Summary
- ■Chapter 5: iOS Security Toolkit
- Advance Reverse Engineering
- A Day in the Life of a Debugger
- Debugging in Xcode
- Bypassing Jailbreak Detection
- Summary
- ■Chapter 6: Automating App Testing
- idb: Simplify Penetration Test
- iRET: iOS Reverse Engineering Toolkit
- Tweaking the Development
- Summary
- ■Chapter 7: iOS App Security Practices
- Storage in iOS
- Data Storage Security
- Transport Layer Security
- Certificate Pinning
- Anti-Debugging Protections
- Secure Development Guidelines
- Untrusted Data
- Session Management
- www.allitebooks.com ■ CONTENTS Data Storage
- Geolocation Handling
- Escape Classic C Attacks
- Transport Layer
- Seiten
- 147 Seiten
- Hochgeladen von
- lienhejb
Häufig gestellte Fragen
Wie lade ich dieses Dokument herunter?
Dies ist ein VIP-Dokument. Sie benötigen ein aktives VIP-Konto, um die Originaldatei freizuschalten und herunterzuladen.
Wie viele Seiten hat dieses Dokument?
Das Dokument hat 147 Seiten. Sie können es vor dem Herunterladen online in der Vorschau ansehen.
Kann ich vor dem Herunterladen eine Vorschau ansehen?
Ja. Sie können sich dieses Dokument direkt auf dieser Seite im Online-Reader ansehen und dann entscheiden, ob Sie es herunterladen möchten.

Kommentare (0)
Noch keine Kommentare. Seien Sie der Erste!