• Français
  • English

Training | iOS: Application Security and OS Internals

Learn how to study iOS applications to perform a security assessment or a comprehensive reverse… 

SYNOPSIS

During this training, we will dispense all the knowledge needed to study iOS applications to perform either a security assessment, or a comprehensive reverse engineering. We will focus on the latest versions of iOS (starting from 11). The training heavily relies on practice therefore numerous labs exercises will be done.

TARGET AUDIENCE

  • Reverse engineers interested in iOS
  • Security engineers with no prior experience in iOS but who needs to assess apps or start studying the system.

 

DURATION

3 days (in-person)

PREREQUISITES

  • Familiar with an assembly language
  • Familiar with operating system concepts
  • Basic knowledge of Python

 

OBJECTIVES

  • Being able to assess or study an iOS application
  • Being able to understand or explore most of iOS Userland components

 

EXERCISES

  • Binaries reversing
  • Small tools writing

 

MODULES

Day 1

  • Introduction
    • Lab setup
  • Applications
    • Architecture
    • Mach-O
    • Shared Cache
    • App Life Cycle
    • Objective-C

Day 2

  • App Reverse Engineering & Security
    • Instruction Set Architecture
    • Static Analysis
    • Dynamic Analysis
    • Security

Day 3

  • Daemons & Communications
    • XPC
  • iOS Security Mechanisms
    • Code Signing
    • Entitlements
    • Jailbreaks