IOS Penetration Testing
Đang tạo bản xem trước...
iOS Penetration Testing A Definitive Guide to iOS Security — First Edition — Kunal Relan www.allitebooks.com iOS Penetration Testing A Definitive Guide to iOS Security First Edition Kunal Relan www.allitebooks.com iOS Penetration Testing: A Definitive Guide to iOS Security Kunal Relan Noida, Uttar Pradesh India ISBN-13 (pbk): 978-1-4842-2354-3 DOI 10.1007/978-1-4842-2355-0 ISBN-13 (electronic): 978-1-4842-2355-0 Library of Congress Control Number: 2016960329 Copyright © 2016 by Kunal Relan This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein. Managing Director: Welmoed Spahr Lead Editor: Nikhil Karkal Technical Reviewer: Nishant Das Patnaik Editorial Board: Steve Anglin, P
… Tải file gốc để đọc toàn bộ tài liệu.
- Tên tài liệu
- IOS Penetration Testing
- Tác giả (trong tài liệu)
- Kunal Relan
- Nội dung
- Tài liệu này là một hướng dẫn chi tiết về kiểm thử xâm nhập trên nền tảng iOS, bao gồm các kỹ thuật, công cụ và phương pháp để đánh giá bảo mật. Nó cung cấp kiến thức cần thiết để xác định và khai thác các lỗ hổng bảo mật trên iOS.
- Mục lục
- Contents About the Author
- About the Technical Reviewer
- Acknowledgments
- Introduction
- ■Chapter 1: Introduction to iOS
- iOS Introduction
- Security History
- Code Signing
- Data Execution Prevention (DEP)
- Address Space Layout Randomization (ASLR)
- Sandbox
- iOS Boot Procedure
- Updates
- What’s New?
- System Insight
- iOS System Hierarchy
- Applications
- Library
- Bin Folder
- Dev Directory
- Lib Folder
- Sbin Directory
- www.allitebooks.com ■ CONTENTS Tmp Directory
- Developer Directory
- System Directory
- Boot Directory
- Etc Directory
- mnt Directory
- usr Directory
- var Directory
- User Directory
- Private Directory
- iOS Application Overview
- Summary
- ■Chapter 2: iOS App Development Basics
- Introduction to Objective-C and Swift
- Objective-C Runtime
- Basic Terminology in Objective-C
- Object Creation
- Data Types
- Methods
- Instance Methods
- Class Methods
- Introduction to Swift
- Swift Runtime
- Compatibility with Objective-C
- Stored Properties
- Classes and Methods
- Structures
- Introduction to Xcode
- Getting Started with Xcode
- Cocoa Framework
- CocoaPods
- Hello World with Swift
- iOS Application Architecture
- Summary
- ■Chapter 3: iOS App Vulnerabilities and Jailbreaking
- Introduction to Security and Vulnerabilities in iOS
- What Is Jailbreaking?
- Jailbreaking iOS
- SSHing in iOS
- Installing the Tools
- Installing class-dump
- Installing the libimobiledevice Library
- Installing Cycript
- Setting Up a Proxy
- Installing Keychain Dumper
- Common iOS Vulnerabilities
- Buffer Overflows
- Invalidated Input
- Privilege Escalation
- Insecure Data Storage
- Insecure Transport Layer
- Client-Side Injection
- Weakness in Authentication and Authorization
- Summary
- www.allitebooks.com ■ CONTENTS ■Chapter 4: Blackbox Testing iOS Apps
- Intercepting Network Traffic
- Defeating User Validation
- Damn Vulnerable iOS App: DVIA
- Performing Runtime Analysis
- Summary
- ■Chapter 5: iOS Security Toolkit
- Advance Reverse Engineering
- A Day in the Life of a Debugger
- Debugging in Xcode
- Bypassing Jailbreak Detection
- Summary
- ■Chapter 6: Automating App Testing
- idb: Simplify Penetration Test
- iRET: iOS Reverse Engineering Toolkit
- Tweaking the Development
- Summary
- ■Chapter 7: iOS App Security Practices
- Storage in iOS
- Data Storage Security
- Transport Layer Security
- Certificate Pinning
- Anti-Debugging Protections
- Secure Development Guidelines
- Untrusted Data
- Session Management
- www.allitebooks.com ■ CONTENTS Data Storage
- Geolocation Handling
- Escape Classic C Attacks
- Transport Layer
- Số trang
- 147 trang
- Người đăng
- lienhejb
Câu hỏi thường gặp
Làm sao để tải tài liệu này về?
Đây là tài liệu VIP. Bạn cần tài khoản VIP còn hiệu lực để mở khóa và tải file gốc về máy.
Tài liệu dài bao nhiêu trang?
Tài liệu gồm 147 trang. Bạn có thể xem trước online trước khi tải.
Tôi có thể xem trước trước khi tải không?
Có. Bạn xem trước tài liệu ngay trên trang này bằng trình đọc online, rồi quyết định tải về.

Bình luận (0)
Chưa có bình luận nào. Hãy là người đầu tiên!