• Online, Instructor-Led
• Online, Self-Paced
Course Description

This course is designed to provide a comprehensive understanding of the internals of the iOS operating system and its security features. The course will cover topics such as the iOS operating system architecture, memory management, application sandboxing, and code signing.

Students will learn the fundamental concepts and tools used in reverse engineering, and get a thorough introduction to the ARM64 architecture, including static and dynamic analysis techniques, as well as various debugging and disassembly tools. Exploit mitigations such as SPTM, TXM, PAC, PAN, and PPL will also be discussed. Additionally, the course covers iOS application security, including topics such as encryption and secure communication.

Students will learn how to use Frida, a dynamic instrumentation framework, for reverse engineering and dynamic analysis of mobile applications. We will also discuss advanced topics such as hooking, memory manipulation, and instrumenting network communication.

This course will also discuss the tools and techniques used for analyzing iOS malware. The course will also cover the different stages of iOS malware analysis, including static, dynamic, and behavioral analysis. Additionally, the course will walk the attendees through different methods of mitigating and preventing iOS malware.

This course will be a mix of lectures, practical labs, and projects designed to give students hands-on experience with iOS internals and iOS application security. Students will gain the skills needed to reverse engineer, design, develop, and secure iOS applications.

Learning Objectives

Introduction to ARM64 architecture
Understand iOS app lifecycle
Overview of the iOS Kernel and its Security Mitigations
Reverse engineering iOS binaries (Apps and system binaries)
Get an intro to common bug categories on iOS
Learn to audit iOS apps for security vulnerabilities
Understand Memory allocation in Userland and Kernel
Understand and bypass anti-debugging and obfuscation techniques
Learn manual and automated ways of bypassing security mitigations
Learn Device Fingerprinting and Anti-Fraud techniques
Get a detailed walkthrough on using Ghidra, Hopper, etc.
Advanced Dynamic Instrumentation using Frida
Understanding how Rooting and Jailbreaks work
Case Study of some known vulnerabilities
Learn to identify vulnerabilities in native as well as Cross-platform apps
Learn to exploit different IPC mechanisms (mach_msg, XPC, etc.)
mach_msg2, SAD_FENG_SHUI, PGZ
Get a detailed walkthrough on using IDA Pro, Hopper, Ghidra, etc.
Secure Mobile apps by implementing custom solutions
Become a Certified iOS Security Researcher (CISR)

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):