iOS: Application Security and OS Internals

Learn how to perform either a security assessment, or a comprehensive reverse engineering on iOS applications
Register Now

NEXT SESSION ON THE 15TH OF JANUARY 2020

SYNOPSIS

During this training, we will dispense all the knowledge needed to study iOS applications to perform either a security assessment, or a comprehensive reverse engineering. We will focus on the latest versions of iOS (starting from 11). The training heavily relies on practice therefore numerous labs exercises will be done.

TARGET AUDIENCE

  • Reverse engineers interested in iOS
  • Security engineers with no prior experience in iOS but who needs to assess apps or start studying the system.

DURATION

3 days (15-16-17 January 2020)

PREREQUISITES

  • Familiar with an assembly language
  • Familiar with operating system concepts
  • Basic knowledge of Python

OBJECTIVES

  • Being able to assess or study an iOS application
  • Being able to understand or explore most of iOS Userland components

EXERCISES

  • Binaries reversing
  • Small tools writing

MODULES

Day 1

  • Introduction
    • Lab setup
  • Applications
    • Architecture
    • Mach-O
    • Shared Cache
    • App Life Cycle
    • Objective-C

Day 2

  • App Reverse Engineering & Security
    • Instruction Set Architecture
    • Static Analysis
    • Dynamic Analysis
    • Security

Day 3

  • Daemons & Communications
    • XPC
  • iOS Security Mechanisms
    • Code Signing
    • Entitlements
    • Jailbreaks