Next session on the 15th of January 2020

Synopsis

During this training, we will dispense all the knowledge needed to study iOS applications to perform either a security assessment, or a comprehensive reverse engineering. We will focus on the latest versions of iOS (starting from 11). The training heavily relies on practice therefore numerous labs exercises will be done.

Target audience

• Reverse engineers interested in iOS
• Security engineers with no prior experience in iOS but who needs to assess apps or start studying the system.

Duration

3 days (15-16-17 January 2020)

Prerequisites

• Familiar with an assembly language
• Familiar with operating system concepts
• Basic knowledge of Python

Objectives

• Being able to assess or study an iOS application
• Being able to understand or explore most of iOS Userland components

Exercises

• Binaries reversing
• Small tools writing

Modules

Day 1

• Introduction

• • Lab setup

• Applications

• • Architecture
• • Mach-O
• • Shared Cache
• • App Life Cycle
• • Objective-C

Day 2

• App Reverse Engineering & Security

• • Instruction Set Architecture
• • Static Analysis
• • Dynamic Analysis
• • Security

Day 3

• Daemons & Communications

• • XPC

• iOS Security Mechanisms

• • Code Signing
• • Entitlements
• • Jailbreaks