Just wanted to post a couple of really interesting medium articles I found on Iphone pentesting. As an Iphone user, I have always wanted to see the source code of the apps I use, so it has been really interesting going through the process of jailbreaking my old iphone and ftping the .ipas to my host machine for analysis. The articles I found most interesting from this user were:

Setting Up a Jailbreak Environment For Beginners

Preparing IPhone for Application Security

Extracting the IPA File and Local Data Storage of an IOS Application

Hope y’all enjoy!

  • borari@sh.itjust.works
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Mobile/iOS pentesting is definitely something I’ve kept off to the side but still warm, wanting to explore further but always having something more pressing to take up my time. Outside of proxying app web requests through Burp, I have no experience in the mobile app space. I’m definitely bookmarking these resources, and I’m going to try to make a point to move the whole thing up to the front burner soon.

    • redawl@sh.itjust.worksOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Awesome! Yeah, I was in the same boat, had only proxied requests through burp. I had done some .apk analysis for an android CTF and found it fascinating, but it’s definitely harder to get into the iDevice space. Fascinating though, once you open that door.