Unlock the full potential of your projects.
Show full map

iOS Pentesting

Technology
Hackers Bone
Get Started. It's Free
or sign up with your email address
Similar Mind Maps Mind Map Outline
iOS Pentesting by Mind Map: iOS Pentesting

1. iOS Security Model & Legacy Issue

1.1. JailBroken Detection & Sandboxing

1.2. SSL Unpinning

1.3. Use of Disabling certificate validation

1.4. ASLR/PIE Flag Check

1.5. Format Strings

1.6. Buffer Overflows & Stack

2. Unintended Data Leakage

2.1. NSLog / Apple System Log

2.1.1. Integer Overflow & Heap

2.2. Application Backgrounding / Snapshots

2.3. Cache Prediction

2.4. Clipboard

2.5. Pastebin

2.6. GitHub

2.7. Keylogging & AutoCorrection Database

2.8. State Preservation

3. Reverse Engineering / Debugging

3.1. Unauthorized Code Modification

3.2. Insecure version of OS Installation Allowed

4. iOS Networking

4.1. iOS URL Loading System

4.2. NSURLSession

4.3. Proxy Configure/SSL Pinning

5. Runtime / Dynamic Analysis

5.1. Using Hopper

5.2. Method Swizzling & Categories

5.3. Callback & Blocks

5.4. Client Side Attack

5.4.1. Sql Injection

5.4.2. Cross-site Scripting

5.4.3. Prediction Injection

5.4.4. XML Injection

5.4.5. Application Level DOS

5.5. Broken Authentication & Session Management

5.5.1. Session Terminating after Password Reset

5.5.2. Expired Token can be reused

5.5.3. Authentication Bypass using Success Response

5.5.4. OAuth Flow & 2FA Bypass

5.5.5. Cleartext Tranmission

5.6. Broken Access Control (BAC)

5.6.1. SSRF

5.6.2. Prev Escalation & IDOR

5.6.3. Unauthorized API Call

6. Lab Setup

6.1. Weak Cryptography

6.1.1. Data Protection API

6.1.2. Weak Hashing & Encryption

6.1.3. Poor key management process

6.1.4. Use of custom encryption protocols

6.2. JailBroken Device

6.3. Cydia

6.3.1. 1. MTerminal 2. Substrate Safe Mode 3. OpenSSH 4. IPA Installer 5. BigBoss Recommended Tools 6. Network Commands 7. Bootstrap commands 8. Developer -cmds 9. Filza 10. Make 11. Nano 12. Apple Find Conduct Tool 13. House Arrest Fix 14. PreferencesLoader

6.4. Class Dump

6.5. Frida-iOS-dump

7. Application Installation

7.1. Using IPA File

7.2. Using .app File

7.3. Decrypting App

8. Insecure Data Storage

8.1. iOS Directory Structure

8.2. In Sqlite Database

8.3. In Info.plist

8.4. Core Framework

8.5. Keychain

9. Interprocess Communication

9.1. Scheme

9.1.1. Custom Scheme

9.1.2. Universal Link

9.2. Sharing Data with UIActivity

9.3. Application Extension

9.3.1. Exploit of Pasteboard

9.3.2. Restricting and Validating Shareable Data

10. Web-Based Exploitation

10.1. Abuse UIWebView

10.2. Risk of Javascript Cocoa Bridge