Linked e-resources
Details
Table of Contents
At a Glance; Contents; About the Author ; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Introduction to iOS; iOS Introduction; Security History; Code Signing; Data Execution Prevention (DEP); Address Space Layout Randomization (ASLR); Sandbox; iOS Boot Procedure; Updates; What's New?; System Insight; iOS System Hierarchy; Applications; Library; Bin Folder; Dev Directory; Lib Folder; Sbin Directory; Tmp Directory; Developer Directory; System Directory; Boot Directory; Etc Directory; mnt Directory; usr Directory; var Directory
User Directory Private Directory; iOS Application Overview; Summary; Chapter 2: iOS App Development Basics; Introduction to Objective-C and Swift; Objective-C Runtime; Basic Terminology in Objective-C; Object Creation; Data Types; Methods; Instance Methods; Class Methods; Introduction to Swift; Swift Runtime; Compatibility with Objective-C; Stored Properties; Classes and Methods; Structures; Introduction to Xcode; Getting Started with Xcode; Cocoa Framework; CocoaPods; Hello World with Swift; iOS Application Architecture; Summary
Chapter 3: iOS App Vulnerabilities and Jailbreaking Introduction to Security and Vulnerabilities in iOS; What Is Jailbreaking?; Jailbreaking iOS; SSHing in iOS; Installing the Tools; Installing class-dump; Installing the libimobiledevice Library; Installing Cycript; Setting Up a Proxy; Installing Keychain Dumper; Common iOS Vulnerabilities; Buffer Overflows; Invalidated Input; Privilege Escalation; Insecure Data Storage; Insecure Transport Layer; Client-Side Injection; Weakness in Authentication and Authorization; Summary; Chapter 4: Blackbox Testing iOS Apps
Intercepting Network Traffic Defeating User Validation; Damn Vulnerable iOS App: DVIA; Insecure Data Storage; NSUserDefaults Private Data; Dumping iOS Keychain; Performing Runtime Analysis; Summary; Chapter 5: iOS Security Toolkit; Advance Reverse Engineering; A Day in the Life of a Debugger; Debugging in Xcode; Bypassing Jailbreak Detection; Summary; Chapter 6: Automating App Testing; idb: Simplify Penetration Test; iRET: iOS Reverse Engineering Toolkit; Tweaking the Development; Summary; Chapter 7: iOS App Security Practices; Storage in iOS; Data Storage Security
Transport Layer Security Certificate Pinning; Anti-Debugging Protections; Secure Development Guidelines; Untrusted Data; Session Management; Data Storage; Geolocation Handling; Escape Classic C Attacks; Transport Layer; Closing Thoughts; Index
User Directory Private Directory; iOS Application Overview; Summary; Chapter 2: iOS App Development Basics; Introduction to Objective-C and Swift; Objective-C Runtime; Basic Terminology in Objective-C; Object Creation; Data Types; Methods; Instance Methods; Class Methods; Introduction to Swift; Swift Runtime; Compatibility with Objective-C; Stored Properties; Classes and Methods; Structures; Introduction to Xcode; Getting Started with Xcode; Cocoa Framework; CocoaPods; Hello World with Swift; iOS Application Architecture; Summary
Chapter 3: iOS App Vulnerabilities and Jailbreaking Introduction to Security and Vulnerabilities in iOS; What Is Jailbreaking?; Jailbreaking iOS; SSHing in iOS; Installing the Tools; Installing class-dump; Installing the libimobiledevice Library; Installing Cycript; Setting Up a Proxy; Installing Keychain Dumper; Common iOS Vulnerabilities; Buffer Overflows; Invalidated Input; Privilege Escalation; Insecure Data Storage; Insecure Transport Layer; Client-Side Injection; Weakness in Authentication and Authorization; Summary; Chapter 4: Blackbox Testing iOS Apps
Intercepting Network Traffic Defeating User Validation; Damn Vulnerable iOS App: DVIA; Insecure Data Storage; NSUserDefaults Private Data; Dumping iOS Keychain; Performing Runtime Analysis; Summary; Chapter 5: iOS Security Toolkit; Advance Reverse Engineering; A Day in the Life of a Debugger; Debugging in Xcode; Bypassing Jailbreak Detection; Summary; Chapter 6: Automating App Testing; idb: Simplify Penetration Test; iRET: iOS Reverse Engineering Toolkit; Tweaking the Development; Summary; Chapter 7: iOS App Security Practices; Storage in iOS; Data Storage Security
Transport Layer Security Certificate Pinning; Anti-Debugging Protections; Secure Development Guidelines; Untrusted Data; Session Management; Data Storage; Geolocation Handling; Escape Classic C Attacks; Transport Layer; Closing Thoughts; Index