The complete iOS Pentesting & Bug Bounty Course

Focused View

Vaibhav Lakhani

6:50:58

74 View

1. Introduction

1. Introduction.mp4

04:01

2. Disclaimer.html

2. Setting Up your hacking environment!

1. Setting up Mobexler.mp4

08:55

2. Setting up MacOS on Windows Machine.mp4

10:15

3. Simulators.mp4

01:50

4. Emulators.mp4

01:40

5. Jailbreaking and its types.mp4

07:45

6. Jailbreaking Practical.mp4

09:07

7. Connecting Burp Suite with iOS Device.mp4

09:25

3. Getting Started with iOS

1. Introduction to iOS Applications.mp4

10:34

2. Introduction to Info.plist files.mp4

13:33

3. What is UDID.mp4

02:42

4. Accessing the device shell.mp4

03:47

5. On-device Shell App.mp4

02:37

6. Transferring data between device and PC.mp4

05:43

7. Extracting and Decrypting IPAs using frida-ios-dump.mp4

08:25

8. Extracting and Decrypting IPAs using Filza.mp4

07:59

9. Extracting and Decrypting IPAs using iMazing.mp4

04:19

10. Installing Applications using 3uTools.mp4

03:31

11. Installing Applications by Sideloading method.mp4

05:44

4. iOS basics

1. Data Protection.mp4

08:21

2. Keychain.mp4

04:44

3. App Capabilties and Purpose Strings.mp4

07:24

4. App Extensions.mp4

05:40

5. Device Management.mp4

04:01

5. OWASP Mobile Top 10

1. What is OWASP.mp4

08:48

2. M1 Improper Platform Usage.mp4

03:11

3. M2 Insecure Data Storage.mp4

04:48

4. M3 Insecure Communication & M4 Insecure Authentication.mp4

05:04

5. M5 Insufficient Cryptography.mp4

04:13

6. OWASP M6, M7, M8, M9, M10.mp4

09:44

6. Static Analysis

1. MobSF.mp4

20:39

2. File System Analysis.mp4

11:32

3. Application Log Analysis.mp4

06:11

4. Hardcoded Credentials.mp4

03:12

5. SQLite Databases.mp4

04:08

6. Other Databases.mp4

04:03

7. Firebase Misconfigurations.mp4

03:44

8. iOS Keychain.mp4

02:17

9. iOS UIPasteboard.mp4

04:34

10. iOS WebViews.mp4

05:25

11. Application Patching.mp4

04:57

12. Sensitive information inside Applications Memory.mp4

02:48

13. Insecure APIsFunctions.mp4

04:02

7. Dynamic Analysis

1. Tweaks, Substitute, CydiaSileo & Installing your first tweak!.mp4

10:17

2. Installing Frida.mp4

03:48

3. What is Jailbreak Detection & Jailbreak Detection Bypass using Frida.mp4

08:30

4. Jailbreak Detection Bypass using Shadow.mp4

04:40

5. Jailbreak Detection Bypass using Liberty.mp4

02:09

6. Jailbreak Detection Bypass using A-Bypass.mp4

01:57

7. Jailbreak Detection Bypass using Objection.mp4

05:38

8. Other Utilities.mp4

03:22

9. What is SSL Pinning & SSL Pinning Bypass using Frida.mp4

08:03

10. SSL Pinning Bypass using SSL Kill Switch.mp4

02:12

11. SSL Pinning Bypass using Objection.mp4

06:42

12. Local Authentication Mechanisms Bypass.mp4

07:41

8. Live Attack on a Bug Bounty Program (99 Acres)

1. Disclaimer.html

2. Live Demo.mp4

34:48

9. Tips & Tricks

1.1 iOS Pentesting Checklist.xlsx

1. iOS Pentesting Checklist.mp4

06:13

2.1 1673119029055.zip

2. iOS Pentesting Mindmap.mp4

05:33

3.1 Nuclei Templates.zip

3. iOS Pentesting Nuclei Templates.mp4

05:47

4.1 Reports.zip

4. iOS Pentesting Reports.mp4

02:57

5. Using Objection and Frida without Jailbreaking the device.mp4

11:23

6.1 iOS Reports.txt

6. iOS Hacking Reports.mp4

10:30

7. iOS Frida Scripts.mp4

02:49

10. Bonus Lecture Conclusion & Links

1. Conclusion.mp4

00:37

2. Links.html

Description

Complete A-Z course on iOS Penetration Testing & iOS Bug Bounty Hunting with practical explanations

What You'll Learn?

OWASP Mobile Top 10
Jailbreaking an iOS device
iOS Basics & how applications work on iOS devices
iOS Security
Cybersecurity
iOS Penetration Testing

Who is this for?

Beginners who want to learn about iOS Penetration Testing

Mobile Application Developers

Security Researchers

Beginners who want to hunt vulnerabilities & security bugs in iOS Applications

What You Need to Know?

No programming experience required

Basic computer skills

An iOS device (Do not use your personal device)

Willingness to learn!

More details

Description
Welcome to The complete iOS Pentesting & Bug Bounty Course. This course covers about how security works in iOS devices and how vulnerabilities can be found in iOS applications.
The course starts with the basics of how you can set up your hacking environment and then gradually moves on to how security works in iOS Applications.
The course also shows you the different types of Jailbreak and how you can Jailbreak your iOSÂ Device.
The course also covers OWASPÂ Mobile Top 10 and would cover all the categories of OWASPÂ Mobile Top 10 with practical examples.
The course also includes a detailed overview of iOS Security such as Keychain, Device Management, Data Protection etc.
The major section of iOSÂ Pentesting is the Static and the Dynamic Analysis where most of the vulnerabilities would be covered with practical approaches. These approaches can also be used to find vulnerabilities in bug bounty programs.
At the end of the course, you would be exposed to certain Tips and Tricks that will make your upgrade iOS Pentesting skills. These tips will help you to differentiate yourself from others.
This course also includes the Breakdown of some Hackerone Reports which are found and submitted by other hackers for better understanding.
Who this course is for:
Beginners who want to learn about iOS Penetration Testing
Mobile Application Developers
Security Researchers
Beginners who want to hunt vulnerabilities & security bugs in iOS Applications

User Reviews

Rating

average 0

Total votes0

Focused display

I am Vaibhav Lakhani a security researcher and an application security expert dealing with various application security projects. I have a keen interest in Web Application Security, Mobile Security, and Red Teaming. I have worked with different organizations including top banks, e-commerce companies, and power industries helping them secure their infrastructure. I have been giving training and workshops on Cyber Security and Ethical Hacking across different colleges in India. I am CEH and eJPT certified and have been acknowledged by different companies such as Dutch Telekom, United Nations, Nike, Sarova, and other private programs for finding out vulnerabilities in their organization and responsibly reporting them. I also have been acknowledged under Top 15 hackers by NCIIPC.Disclaimer: All courses are created at a personal level and involves no organization!

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.