وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

The complete iOS Pentesting & Bug Bounty Course

سرفصل های دوره

Complete A-Z course on iOS Penetration Testing & iOS Bug Bounty Hunting with practical explanations


1. Introduction
  • 1. Introduction
  • 2. Disclaimer.html

  • 2. Setting Up your hacking environment!
  • 1. Setting up Mobexler
  • 2. Setting up MacOS on Windows Machine
  • 3. Simulators
  • 4. Emulators
  • 5. Jailbreaking and its types
  • 6. Jailbreaking Practical
  • 7. Connecting Burp Suite with iOS Device

  • 3. Getting Started with iOS
  • 1. Introduction to iOS Applications
  • 2. Introduction to Info.plist files
  • 3. What is UDID
  • 4. Accessing the device shell
  • 5. On-device Shell App
  • 6. Transferring data between device and PC
  • 7. Extracting and Decrypting IPAs using frida-ios-dump
  • 8. Extracting and Decrypting IPAs using Filza
  • 9. Extracting and Decrypting IPAs using iMazing
  • 10. Installing Applications using 3uTools
  • 11. Installing Applications by Sideloading method

  • 4. iOS basics
  • 1. Data Protection
  • 2. Keychain
  • 3. App Capabilties and Purpose Strings
  • 4. App Extensions
  • 5. Device Management

  • 5. OWASP Mobile Top 10
  • 1. What is OWASP
  • 2. M1 Improper Platform Usage
  • 3. M2 Insecure Data Storage
  • 4. M3 Insecure Communication & M4 Insecure Authentication
  • 5. M5 Insufficient Cryptography
  • 6. OWASP M6, M7, M8, M9, M10

  • 6. Static Analysis
  • 1. MobSF
  • 2. File System Analysis
  • 3. Application Log Analysis
  • 4. Hardcoded Credentials
  • 5. SQLite Databases
  • 6. Other Databases
  • 7. Firebase Misconfigurations
  • 8. iOS Keychain
  • 9. iOS UIPasteboard
  • 10. iOS WebViews
  • 11. Application Patching
  • 12. Sensitive information inside Applications Memory
  • 13. Insecure APIsFunctions

  • 7. Dynamic Analysis
  • 1. Tweaks, Substitute, CydiaSileo & Installing your first tweak!
  • 2. Installing Frida
  • 3. What is Jailbreak Detection & Jailbreak Detection Bypass using Frida
  • 4. Jailbreak Detection Bypass using Shadow
  • 5. Jailbreak Detection Bypass using Liberty
  • 6. Jailbreak Detection Bypass using A-Bypass
  • 7. Jailbreak Detection Bypass using Objection
  • 8. Other Utilities
  • 9. What is SSL Pinning & SSL Pinning Bypass using Frida
  • 10. SSL Pinning Bypass using SSL Kill Switch
  • 11. SSL Pinning Bypass using Objection
  • 12. Local Authentication Mechanisms Bypass

  • 8. Live Attack on a Bug Bounty Program (99 Acres)
  • 1. Disclaimer.html
  • 2. Live Demo

  • 9. Tips & Tricks
  • 1.1 iOS Pentesting Checklist.xlsx
  • 1. iOS Pentesting Checklist
  • 2.1 1673119029055.zip
  • 2. iOS Pentesting Mindmap
  • 3. iOS Pentesting Nuclei Templates
  • 4. iOS Pentesting Reports
  • 5. Using Objection and Frida without Jailbreaking the device
  • 6.1 iOS Reports.txt
  • 6. iOS Hacking Reports
  • 7. iOS Frida Scripts
      MACOSX
        Nuclei Templates
      • ats.zip
      • google-api-key.zip
      • touchid.zip
        Reports
      • application trasnport security-load enable.zip
      • dangerous permissions.zip
      • insecure apis functions used.zip
      • jailbreak detection bypass.zip
      • ssl pinning bypass.zip
      • touchid bypass.zip
      • weak hashing algorithm used.zip
      Nuclei Templates
    • amazon-mws.zip
    • application-permissions.zip
    • ats.zip
    • aws-access-key.zip
    • aws-cognito-pool.zip
    • basic-auth-creds.zip
    • cloudinary-basic-auth.zip
    • custom-url-schemes.zip
    • ds store.zip
    • dynatrace-token.zip
    • exported-custom-documents.zip
    • facebook-client-id.zip
    • file-protections.zip
    • firebase-database.zip
    • gcp-account.zip
    • google-api-key.zip
    • linkedin-client-id.zip
    • mailchimp-api-key.zip
    • mailgun-api-key.zip
    • paypal-braintree-access-token.zip
    • pictatic-api-key.zip
    • private-key.zip
    • required-device-capabilities.zip
    • s3-bucket.zip
    • sendgrid-api-key.zip
    • shopify-custom-token.zip
    • slack-api.zip
    • slack-webhook.zip
    • square-tokens.zip
    • stripe-api-key.zip
    • touchid.zip
    • twilio-api.zip
    • twitter-secret.zip
      Reports
    • application trasnport security-load enable.zip
    • dangerous permissions.zip
    • ds store.zip
    • insecure apis functions used.zip
    • jailbreak detection bypass.zip
    • ssl pinning bypass.zip
    • touchid bypass.zip
    • weak hashing algorithm used.zip

  • 10. Bonus Lecture Conclusion & Links
  • 1. Conclusion
  • 2. Links.html
  • 139,000 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    مدرس:
    شناسه: 44517
    حجم: 3296 مگابایت
    مدت زمان: 411 دقیقه
    تاریخ انتشار: ۲۰ اردیبهشت ۱۴۰۴
    دیگر آموزش های این مدرس
    طراحی سایت و خدمات سئو

    139,000 تومان
    افزودن به سبد خرید