The Complete Ios Pentesting & Bug Bounty Course

Complete A-Z course on iOS Penetration Testing & iOS Bug Bounty Hunting with practical explanations

What you'll learn

OWASP Mobile Top 10

Jailbreaking an iOS device

iOS Basics & how applications work on iOS devices

iOS Security

Cybersecurity

iOS Penetration Testing

Requirements

No programming experience required

Basic computer skills

An iOS device (Do not use your personal device)

Willingness to learn!

Description

Welcome to The complete iOS Pentesting & Bug Bounty Course. This course covers about how security works in iOS devices and how vulnerabilities can be found in iOS applications. The course starts with the basics of how you can set up your hacking environment and then gradually moves on to how security works in iOS Applications. The course also shows you the different types of Jailbreak and how you can Jailbreak your iOS Device. The course also covers OWASP Mobile Top 10 and would cover all the categories of OWASP Mobile Top 10 with practical examples. The course also includes a detailed overview of iOS Security such as Keychain, Device Management, Data Protection etc.The major section of iOS Pentesting is the Static and the Dynamic Analysis where most of the vulnerabilities would be covered with practical approaches. These approaches can also be used to find vulnerabilities in bug bounty programs.At the end of the course, you would be exposed to certain Tips and Tricks that will make your upgrade iOS Pentesting skills. These tips will help you to differentiate yourself from others.This course also includes the Breakdown of some Hackerone Reports which are found and submitted by other hackers for better understanding.

Overview

Section 1: Introduction

Lecture 1 Introduction

Lecture 2 Disclaimer

Section 2: Setting Up your hacking environment!

Lecture 3 Setting up Mobexler

Lecture 4 Setting up MacOS on Windows Machine

Lecture 5 Simulators

Lecture 6 Emulators

Lecture 7 Jailbreaking and its types

Lecture 8 Jailbreaking Practical

Lecture 9 Connecting Burp Suite with iOS Device

Section 3: Getting Started with iOS

Lecture 10 Introduction to iOS Applications

Lecture 11 Introduction to Info.plist files

Lecture 12 What is UDID?

Lecture 13 Accessing the device shell

Lecture 14 On-device Shell App

Lecture 15 Transferring data between device and PC

Lecture 16 Extracting and Decrypting IPAs using frida-ios-dump

Lecture 17 Extracting and Decrypting IPAs using Filza

Lecture 18 Extracting and Decrypting IPAs using iMazing

Lecture 19 Installing Applications using 3uTools

Lecture 20 Installing Applications by Sideloading method

Section 4: iOS basics

Lecture 21 Data Protection

Lecture 22 Keychain

Lecture 23 App Capabilties and Purpose Strings

Lecture 24 App Extensions

Lecture 25 Device Management

Section 5: OWASP Mobile Top 10

Lecture 26 What is OWASP?

Lecture 27 M1: Improper Platform Usage

Lecture 28 M2: Insecure Data Storage

Lecture 29 M3: Insecure Communication & M4: Insecure Authentication

Lecture 30 M5: Insufficient Cryptography

Lecture 31 OWASP M6, M7, M8, M9, M10

Section 6: Static Analysis

Lecture 32 MobSF

Lecture 33 File System Analysis

Lecture 34 Application Log Analysis

Lecture 35 Hardcoded Credentials

Lecture 36 SQLite Databases

Lecture 37 Other Databases

Lecture 38 Firebase Misconfigurations

Lecture 39 iOS Keychain

Lecture 40 iOS UIPasteboard

Lecture 41 iOS WebViews

Lecture 42 Application Patching

Lecture 43 Sensitive information inside Applications Memory

Lecture 44 Insecure APIs/Functions

Section 7: Dynamic Analysis

Lecture 45 Tweaks, Substitute, Cydia/Sileo & Installing your first tweak!

Lecture 46 Installing Frida

Lecture 47 What is Jailbreak Detection? & Jailbreak Detection Bypass using Frida

Lecture 48 Jailbreak Detection Bypass using Shadow

Lecture 49 Jailbreak Detection Bypass using Liberty

Lecture 50 Jailbreak Detection Bypass using A-Bypass

Lecture 51 Jailbreak Detection Bypass using Objection

Lecture 52 Other Utilities

Lecture 53 What is SSL Pinning? & SSL Pinning Bypass using Frida

Lecture 54 SSL Pinning Bypass using SSL Kill Switch

Lecture 55 SSL Pinning Bypass using Objection

Lecture 56 Local Authentication Mechanisms Bypass

Section 8: Live Attack on a Bug Bounty Program (99 Acres)

Lecture 57 Disclaimer

Lecture 58 Live Demo

Section 9: Tips & Tricks

Lecture 59 iOS Pentesting Checklist

Lecture 60 iOS Pentesting Mindmap

Lecture 61 iOS Pentesting Nuclei Templates

Lecture 62 iOS Pentesting Reports

Lecture 63 Using Objection and Frida without Jailbreaking the device

Lecture 64 iOS Hacking Reports

Lecture 65 iOS Frida Scripts

Section 10: Bonus Lecture: Conclusion & Links

Lecture 66 Conclusion

Lecture 67 Links

Beginners who want to learn about iOS Penetration Testing,Mobile Application Developers,Security Researchers,Beginners who want to hunt vulnerabilities & security bugs in iOS Applications