Book Image

Learning iOS Penetration Testing

By : Swaroop Yermalkar
Book Image

Learning iOS Penetration Testing

By: Swaroop Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (17 chapters)
Learning iOS Penetration Testing
Credits
Foreword – Why Mobile Security Matters
About the Author
About the Reviewer
www.PacktPub.com
Preface
Index

About the Reviewer

Kenneth R. van Wyk is an internationally recognized information security expert and the author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC (http://www.KRvW.com), he currently holds the following positions: member of the board of directors of SecAppDev (http://www.secappdev.org) and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project (https://www.owasp.org/index.php/OWASP_iGoat_Project), and is a distinguished engineering alumnus of Lehigh University (http://www.lehigh.edu/engineering/about/alumni/vanwyk.html).

Ken has 25 years of experience as an IT Security practitioner in commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark Group, Para Protect Services Inc., Science Applications International Corporation (SAIC), U.S. Department of Defense, Carnegie Mellon University, and Lehigh University.

At Software Engineering Institute of Carnegie Mellon University, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences. He has presented tutorials and technical sessions for CSI, ISF, USENIX, FIRST, AusCERT, and others.

Ken is a dual citizen of the EU (England) and USA, and currently holds a U.S. Department of Defense TOP SECRET clearance.

In his spare time, Ken enjoys mountain biking, hiking, jogging, and wine tasting. He is an NRA distinguished expert and pistol instructor.