Many times, an application makes the mistake of storing sensitive API keys and encryption keys at client side. After reverse engineering the iOS application, we can look in the source code for sensitive keys, application logic, and other such aspects.
In the iGoat application, there is an exercise of String Analysis where you have to find the answer to the riddle that lies in the source code and input it in the box to complete the challenge.
Follow these steps to perform string analysis:
Start the Reverse Engineering exercise from the iGoat application. It will prompt you with a window to answer the riddle: