| Document Type
|
:
|
BL
|
| Record Number
|
:
|
644635
|
| Doc. No
|
:
|
dltt
|
| Main Entry
|
:
|
Relan, Kunal.
|
| Title & Author
|
:
|
IOS penetration testing : : a definitive guide to iOS security /\ Kunal Relan
|
| Edition Statement
|
:
|
First edition
|
|
|
:
|
First edition
|
| Page. NO
|
:
|
1 online resource
|
| ISBN
|
:
|
9781484223550
|
|
|
:
|
: 1484223551
|
|
|
:
|
9781484223543
|
|
|
:
|
1484223543
|
| Contents
|
:
|
At a Glance; Contents; About the Author ; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Introduction to iOS; iOS Introduction; Security History; Code Signing; Data Execution Prevention (DEP); Address Space Layout Randomization (ASLR); Sandbox; iOS Boot Procedure; Updates; What's New?; System Insight; iOS System Hierarchy; Applications; Library; Bin Folder; Dev Directory; Lib Folder; Sbin Directory; Tmp Directory; Developer Directory; System Directory; Boot Directory; Etc Directory; mnt Directory; usr Directory; var Directory
|
|
|
:
|
User Directory Private Directory; iOS Application Overview; Summary; Chapter 2: iOS App Development Basics; Introduction to Objective-C and Swift; Objective-C Runtime; Basic Terminology in Objective-C; Object Creation; Data Types; Methods; Instance Methods; Class Methods; Introduction to Swift; Swift Runtime; Compatibility with Objective-C; Stored Properties; Classes and Methods; Structures; Introduction to Xcode; Getting Started with Xcode; Cocoa Framework; CocoaPods; Hello World with Swift; iOS Application Architecture; Summary
|
|
|
:
|
Chapter 3: iOS App Vulnerabilities and Jailbreaking Introduction to Security and Vulnerabilities in iOS; What Is Jailbreaking?; Jailbreaking iOS; SSHing in iOS; Installing the Tools; Installing class-dump; Installing the libimobiledevice Library; Installing Cycript; Setting Up a Proxy; Installing Keychain Dumper; Common iOS Vulnerabilities; Buffer Overflows; Invalidated Input; Privilege Escalation; Insecure Data Storage; Insecure Transport Layer; Client-Side Injection; Weakness in Authentication and Authorization; Summary; Chapter 4: Blackbox Testing iOS Apps
|
|
|
:
|
Intercepting Network Traffic Defeating User Validation; Damn Vulnerable iOS App: DVIA; Insecure Data Storage; NSUserDefaults Private Data; Dumping iOS Keychain; Performing Runtime Analysis; Summary; Chapter 5: iOS Security Toolkit; Advance Reverse Engineering; A Day in the Life of a Debugger; Debugging in Xcode; Bypassing Jailbreak Detection; Summary; Chapter 6: Automating App Testing; idb: Simplify Penetration Test; iRET: iOS Reverse Engineering Toolkit; Tweaking the Development; Summary; Chapter 7: iOS App Security Practices; Storage in iOS; Data Storage Security
|
|
|
:
|
Transport Layer Security Certificate Pinning; Anti-Debugging Protections; Secure Development Guidelines; Untrusted Data; Session Management; Data Storage; Geolocation Handling; Escape Classic C Attacks; Transport Layer; Closing Thoughts; Index
|
| Abstract
|
:
|
Although a tough system to manipulate, there are still critical iOS security bugs that can be exploited. In response to this issue, author Kunal Relan offers a concise, deep dive into iOS security, including all the tools and methods to master reverse engineering of iOS apps and penetration testing. iOS Penetration Testing covers the most significant attacks threatening iOS applications in recent times. The readers will also learn methods of patching iOS applications to make payment transactions and personal data sharing more secure. If you're a security professional, IS analyst, iOS Reverse Engineer or developer, or simply interested in secure application development, iOS Penetration Testing is a must have
|
| Subject
|
:
|
Computer security.
|
| Subject
|
:
|
Application software.
|
| Subject
|
:
|
Computer Science.
|
| Subject
|
:
|
Apple and iOS.
|
| Subject
|
:
|
Software Engineering.
|
| Subject
|
:
|
Data Encryption.
|
| Subject
|
:
|
Systems and Data Security.
|
| Dewey Classification
|
:
|
005.8
|
|
|
:
|
004
|
| LC Classification
|
:
|
QA76.9.A25
|
| Added Entry
|
:
|
Ohio Library and Information Network.
|