search
githubEdit

iOS

Skill Level: Intermediate to Advanced Prerequisites: Swift/ObjC basics, iOS security model

hashtag
Resources & References

iOS Hacking - A Beginner’s Guide to Hacking iOS Apps [2022 Edition]martabytechevron-right
LogoModern iOS Pentesting: No Jailbreak Needed - Dvulndvuln.comchevron-right
LogoStart your first iOS Application Pentest with me.. (Part- 1)Mediumchevron-right
LogoMobSF "IPA Binary Analysis" | Step by StepInês Martinschevron-right

hashtag
Non-Jailbreak Testing (Recommended)

hashtag
Environment Setup

hashtag
IPA Acquisition & Analysis

hashtag
Objection (Non-Jailbreak Runtime Manipulation)

hashtag
Frida Scripting

hashtag
Proxy Setup (SSL Pinning Bypass)

hashtag
Jailbreak Testing

hashtag
Jailbroken Device Tools

hashtag
Static Analysis

hashtag
Binary Analysis

hashtag
Info.plist Analysis

hashtag
File System Analysis

hashtag
Dynamic Analysis

hashtag
Runtime Inspection

hashtag
Keychain Extraction

hashtag
Jailbreak Detection Bypass

hashtag
Common Vulnerabilities

hashtag
Insecure Data Storage

hashtag
URL Scheme Vulnerabilities

hashtag
Clipboard Vulnerabilities

hashtag
Binary Protections Check

hashtag
Tools Summary

Tool
Purpose
Jailbreak Required

Objection

Runtime manipulation, patching

No

Frida

Dynamic instrumentation

No (with patched IPA)

MobSF

Static analysis

No

ipatool

IPA download

No

Keychain-dumper

Keychain extraction

Yes

SSL Kill Switch

SSL pinning bypass

Yes

Cycript

Runtime exploration

Yes

class-dump

Header extraction

No

hashtag
iOS 17-18 Security Changes

hashtag
New Security Features

hashtag
Testing Considerations

hashtag
iOS 18 New Protections

hashtag
Bypassing New Protections

PreviousAndroidNextBurp Suite

Last updated

Was this helpful?