#iOS Security

Explore Frida for mobile app analysis: trace functions, examine memory, bypass security. Practical examples for iOS and Android, including SSL pinning bypass and custom tool creation.

Add to list

42 Lesons

59 minutes

On-Demand

Free-Video

SyScan360

BadXNU - Exploiting Vulnerabilities in Apple's XNU Kernel

Explore vulnerabilities in Apple's XNU kernel, uncovering security flaws and potential exploits in iOS and macOS systems.

Add to list

1 Lesons

59 minutes

On-Demand

Free-Video

OWASP Distinguished Lifetime Member Award - Jeff Williams' Contributions

Explore Jeff Williams' contributions to OWASP, including foundational projects, non-profit creation, and innovative security concepts, in this insightful 20th anniversary recognition.

Add to list

14 Lesons

30 minutes

On-Demand

Free-Video

SSL Traffic Interception on Mobile Devices - Analysis and Protection

Análisis detallado de incidentes SSL en aplicaciones móviles, revelando patrones globales, casos notables y soluciones para desarrolladores contra la interceptación de tráfico.

Add to list

16 Lesons

52 minutes

On-Demand

Free-Video

Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation

Explore vulnerability analysis techniques, their strengths and weaknesses, and real-world case studies with security expert Charlie Miller in this engaging keynote from AppSecEU 2016.

Add to list

35 Lesons

53 minutes

On-Demand

Free-Video

OWASP Mobile Top Ten 2014 - The New Lack of Binary Protection Category

Explore the new OWASP Mobile Top Ten category: lack of binary protections. Learn about risks to mobile apps, their impact on the app economy, and strategies to mitigate these threats on iOS and Android platforms.

Add to list

1 Lesons

45 minutes

On-Demand

Free-Video

Mobile Security Track - AppSec Europe 2014

Explore cutting-edge mobile security topics at AppSecEU 2014, covering iOS and Android vulnerabilities, OWASP Mobile Top Ten, smart storage scanning, and practical defense strategies for app developers.

Add to list

6 Lesons

6 hours 26 minutes

On-Demand

Free-Video

Mobile App Analysis with Santoku Linux

Explore mobile app analysis using Santoku Linux, covering forensics, security testing, and malware analysis for Android and iOS platforms. Live demos showcase practical applications of preinstalled tools.

Add to list

29 Lesons

49 minutes

On-Demand

Free-Video

Mobile Security Attacks - A Glimpse from the Trenches

Explore emerging mobile security threats, from physical to network and application levels, with real-world attack examples and insights from experts who uncovered iOS vulnerabilities.

Add to list

20 Lesons

48 minutes

On-Demand

Free-Video

AppSecUSA 2014 - Breakers Track Sessions

Explore cutting-edge web and mobile security topics, including mobile attacks, use-after-free exploitation, static analysis, runtime manipulation, and top hacking techniques from AppSecUSA 2014.

Add to list

5 Lesons

6 hours 12 minutes

On-Demand

Free-Video

OWASP Top 10 Mobile Risks: 2014 Reboot

Explore the updated 2014 OWASP Top 10 Mobile Risks, comparing changes since 2011, understanding new threats, and learning recommended fixes for iOS, Android, and Windows Phone platforms.

Add to list

1 Lesons

31 minutes

On-Demand

Free-Video

OffensiveCon

Escaping the Safari Sandbox: A Tour of Webkit IPC

Explore Webkit IPC vulnerabilities and techniques for escaping the Safari sandbox, gaining insights into browser security and exploitation.

Add to list

1 Lesons

29 minutes

On-Demand

Free-Video

DEFCONConference

NSPredicate Exploitation on macOS and iOS - Understanding Security Vulnerabilities and Bypasses

Delve into NSPredicate exploitation techniques on Apple devices, exploring security vulnerabilities, bypass methods, and practical demonstrations for executing arbitrary code in privileged iOS processes.

Add to list

1 Lesons

35 minutes

On-Demand

Free-Video

LASCON

Sexy Mobile App Attacks by Example - 2019

Comprehensive review of security flaws in Android and iOS apps, covering anonymized findings, vulnerabilities in open-source apps, and issues in government-mandated applications. Practical insights for mobile security enthusiasts.

Add to list

1 Lesons

51 minutes

On-Demand

Free-Video

White Hat Cal Poly

Machswap - Stephen Parkinson

Explore iOS jailbreaking through machswap vulnerability, gaining insights into kernel access techniques and the iOS 12 jailbreak development process.

Add to list

23 Lesons

28 minutes

On-Demand

Free-Video

HackerOne

iOS Hacking - Inter-App Communication Vulnerabilities

Explore iOS inter-app communication vulnerabilities, focusing on pasteboard sharing, URL schemes, and universal links. Learn to use Frida for tracing and testing these mechanisms.

Add to list

9 Lesons

15 minutes

On-Demand

Free-Video

HackerOne

iOS Hacking - Filesystem Basics

Explore iOS app filesystem interactions, data storage methods, and file protection attributes. Learn to analyze artifacts and use runtime instrumentation for comprehensive iOS application security assessment.

Add to list

1 Lesons

19 minutes

On-Demand

Free-Video

HackerOne

iOS Application Hacking - Understanding IPA Structure and Mach-O Binaries

Explore iOS app structure, IPA files, Mach-O binaries, and techniques to uncover hidden interfaces, API keys, and sensitive data. Learn to analyze and reconstruct app functionality.

Add to list

10 Lesons

16 minutes

On-Demand

Free-Video

OWASP AppSecUSA 2014 - Builders Track Sessions

Explore cutting-edge web security topics including OWASP tools, .NET hacking, iOS integrity, password complexity, and client-side security in this comprehensive AppSecUSA conference session.

Add to list

5 Lesons

4 hours 59 minutes

On-Demand

Free-Video

Automated Mobile Application Security Assessment with MobSF - AppSec EU 2016

Discover automated mobile app security assessment using MobSF. Learn techniques for identifying vulnerabilities and enhancing protection in mobile applications.

Add to list

1 Lesons

45 minutes

On-Demand

Free-Video

Uncovering OWASP's Mobile Risks in iOS Apps - AppSec California 2015

Explore iOS app vulnerabilities through reverse engineering techniques. Learn to extract, analyze, and identify common security risks in mobile applications using real-world examples.

Add to list

16 Lesons

58 minutes

On-Demand

Free-Video

Runtime Manipulation of Android and iOS Applications - Mobile Security Testing

Hands-on exploration of runtime manipulation and memory analysis techniques for Android and iOS apps, enhancing mobile security testing skills using tools like cycript and snoop-it.

Add to list

17 Lesons

43 minutes

On-Demand

Free-Video

Ten Secrets to Secure Mobile Applications

Discover key strategies for securing mobile apps, focusing on encryption, web service design, and user privacy. Learn to threat model and address top vulnerabilities using OWASP Mobile Top Ten framework.

Add to list

22 Lesons

45 minutes

On-Demand

Free-Video

iOS App Integrity: Enhancing Security with Encrypted Code Modules

Explore iOS app security vulnerabilities and learn advanced protection techniques like Encrypted Code Modules (ECM) to safeguard against static analysis, binary patching, and other common attacks.

Add to list

29 Lesons

41 minutes

On-Demand

Free-Video

Fixing Mobile Application Security - OWASP Mobile Security Testing Guide

Introduction to OWASP Mobile Security Testing Guide and Mobile Application Security Verification Standard, addressing challenges in mobile app security testing and best practices for secure development.

Add to list

1 Lesons

29 minutes

On-Demand

Free-Video

Fixing Mobile Application Security - The OWASP Mobile Project

Explore OWASP's Mobile Application Verification Standard and Security Testing Guide, addressing key mobile app security challenges and best practices for secure data storage, communication, and API usage.

Add to list

1 Lesons

39 minutes

On-Demand

Free-Video

Needle: Finding Issues within iOS Applications

Discover Needle, an open-source framework for streamlined iOS app security assessments. Learn about its modular architecture, capabilities, and how it simplifies vulnerability detection in iOS applications.

Add to list

1 Lesons

21 minutes

On-Demand

Free-Video

iGoat: A Self-Learning Tool for iOS App Security Testing

Learn iOS app security through hands-on exercises with iGoat, an open-source tool for developers and pentesters. Explore vulnerabilities, exploit techniques, and implement fixes in a safe environment.

Add to list

23 Lesons

26 minutes

On-Demand

Free-Video

Testing iOS Apps without Jailbreak - Penetration Testing Techniques

Learn techniques for penetration testing iOS apps without jailbreaking, including live demos on accessing protected resources on the latest iOS version. Ideal for pentesters facing jailbreak limitations.

Add to list

1 Lesons

36 minutes

On-Demand

Free-Video

Smart Storage Scanning for Mobile Apps - Attacks and Exploits

Explore mobile app security vulnerabilities, focusing on local storage attacks. Learn automated scanning techniques for Android and iOS, with live demonstrations and defense strategies.

Add to list

1 Lesons

45 minutes

On-Demand

Free-Video

Hacking Web Server Apps for iOS - Security Risks and Vulnerabilities

Explore iOS web server app vulnerabilities, from XSS to potential RCE. Learn risks, attack vectors, and implications for both jailbroken and non-jailbroken devices in this eye-opening security analysis.

Add to list

20 Lesons

31 minutes

On-Demand

Free-Video

BASHing iOS Applications - Command Line Tools for Mobile Auditors

Explore iOS application assessment using command-line tools. Learn mobile security fundamentals, binary analysis, data storage, and endpoint parsing while addressing OWASP Mobile Top 10 vulnerabilities.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

LASCON

Mobile Rules the World - Jump into Mobile AppSec with the OWASP MAS Project

Explore mobile app security fundamentals, OWASP MASVS V2 updates, and top 5 security issues. Learn testing techniques, prevention strategies, and latest iOS/Android security updates.

Add to list

1 Lesons

56 minutes

On-Demand

Free-Video

media.ccc.de

Operation Triangulation: Uncovering a Sophisticated Zero-Click Attack on iPhones

Unveiling a sophisticated zero-click iOS attack chain: discovery, analysis, and implications of Operation Triangulation, a highly advanced spyware targeting researchers' iPhones.

Add to list

1 Lesons

58 minutes

On-Demand

Free-Video

iOS URL Schemes: Security Implications and Vulnerabilities

Explore iOS URL schemes and their potential security implications in mobile app development and usage.

Add to list

1 Lesons

30 minutes

On-Demand

Free-Video

Hacking Into iOS's VoLTE Implementation

Unveiling a critical VoLTE vulnerability in iOS devices, exploring its technical details, impact on user privacy, and Apple's response to this long-standing security flaw in 4G implementation.

Add to list

1 Lesons

38 minutes

On-Demand

Free-Video

Malicious MDM: Exploiting iOS MobileConfigs for Device Control

Explore iOS MDM vulnerabilities, learn attack techniques, and discover preventive measures to protect against malicious mobile device management configurations.

Add to list

7 Lesons

23 minutes

On-Demand

Free-Video

BSidesLV

iOS Runtime Hacking Crash Course

Dive into iOS runtime hacking techniques, exploring methods to manipulate and analyze iOS applications for security testing and reverse engineering purposes.

Add to list

1 Lesons

53 minutes

On-Demand

Free-Video

Recon Conference

Discovering the iOS Instruments Server

Reverse-engineering of iOS privileged server providing sensitive data to Apple's debugging tools. Explores techniques used to uncover and analyze this critical system component.

Add to list

1 Lesons

22 minutes

On-Demand

Free-Video

Recon Conference

Exploiting Userland Vulnerabilities to Get Rogue App Installed Remotely on iOS 11

Exploiting iOS11 vulnerabilities to remotely install rogue apps, bypassing security enhancements and code signing requirements without kernel exploits. Techniques for sandbox escape and persistent installation demonstrated.

Add to list

17 Lesons

55 minutes

On-Demand

Free-Video

Ekoparty Security Conference

Mobile Hacking - OWASP Mobile Project and How to Use It for White Hat Hacking

Explora los proyectos OWASP para seguridad móvil: MASVS para verificación y MSTG para pruebas e ingeniería inversa. Aprende a evaluar y mejorar la seguridad de aplicaciones iOS y Android.

Add to list

1 Lesons

45 minutes

On-Demand

Free-Video

Ekoparty Security Conference

Análisis Global de la Privacidad en Tráfico Celular

Análisis global de la privacidad en tráfico celular, revelando riesgos de vigilancia a través de aplicaciones móviles que envían datos personales sin seguridad ni consentimiento. Concientiza sobre la importancia de encriptar y verificar comunicaciones.

Add to list

1 Lesons

50 minutes

On-Demand

Free-Video

Jailbreaking iOS in the Post-Apocalyptic Era

Exploración detallada del jailbreak en iOS, abordando desafíos de seguridad, técnicas de bypass y evolución de las medidas de Apple. Análisis profundo de sandbox, firma de código y mitigaciones de hardware/software.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

media.ccc.de

Messenger Hacking - Remotely Compromising an iPhone through iMessage

Detailed exploration of a remote iPhone exploit via iMessage, covering vulnerability analysis, exploitation techniques, and mitigation strategies for mobile OS and messenger security.

Add to list

1 Lesons

1 hour 2 minutes

On-Demand

Free-Video

Security BSides San Francisco

Who's Breaking into Your Garden? - iOS & OS X Malware You May Not Know

Comprehensive analysis of recent iOS and OS X malware, exploring attack techniques, characteristics, and trends. Insights for enhancing security measures against emerging threats on Apple platforms.

Add to list

1 Lesons

52 minutes

On-Demand

Free-Video

SyScan360

iOS 678 Security - A Study in Fail

Explore iOS security vulnerabilities, jailbreak techniques, and Apple's responses across iOS 6-8. Gain insights into historical exploits and the evolving landscape of iOS security.

Add to list

33 Lesons

49 minutes

On-Demand

Free-Video

Association for Computing Machinery (ACM)

SandScout - Automatic Detection of Flaws in iOS Sandbox Profiles

Automatic detection of flaws in iOS sandbox profiles using SandScout tool. Explores iOS architecture, sandbox profile language, and presents proof of concept for identifying security vulnerabilities.

Add to list

22 Lesons

27 minutes

On-Demand

Free-Video

Attacking iPhone XS Max

Explore iPhone XS Max vulnerabilities, including PAC implementation, XNU bug exploitation, and kernel read/write access. Learn about Unix Domain Socket, race conditions, and unprotected control flow transfer points.

Add to list

16 Lesons

35 minutes

On-Demand

Free-Video

Behind the Scenes of iOS and Mac Security

Explore iOS and macOS security features, including Find My, Gatekeeper, and kernel integrity protection. Learn about Apple's innovative approaches to user privacy and device security.

Add to list

31 Lesons

44 minutes

On-Demand

Free-Video

XNU Heap Exploitation - From Kernel Bug to Kernel Control

Exploración detallada de la explotación del heap XNU, analizando dos vulnerabilidades del kernel y tres exploits. Cubre internos de XNU, técnicas de explotación y cambios entre versiones de iOS.

Add to list

58 Lesons

44 minutes

On-Demand

Free-Video

The One Weird Trick SecureROM Hates - Vol. 2

Exploring checkm8 vulnerability in iOS SecureROM, its exploitation for jailbreaking, and updates on pongoOS development. Insights into cross-platform challenges and future plans for iOS security research.

Add to list

17 Lesons

1 hour 5 minutes

On-Demand

Free-Video

Contextomy - Let's Debug Together

Explore a critical iOS design flaw allowing remote code execution through debug session hijacking. Learn about the vulnerability's discovery, research, exploitation, and Apple's fix.

Add to list

24 Lesons

44 minutes

On-Demand

Free-Video

The Road to iOS Sandbox Escape

Exploring iOS sandbox vulnerabilities through mach message IPC, revealing potential exploits in various daemons. Includes research tools and demonstrations of discovered vulnerabilities in Apple's mobile devices.

Add to list

36 Lesons

39 minutes

On-Demand

Free-Video

Breaking Apple's iCloud Keychain

Discover techniques for accessing and analyzing data stored in Apple's iCloud, including synced information, backups, and keychain contents. Learn about vulnerabilities in two-factor authentication.

Add to list

15 Lesons

37 minutes

On-Demand

Free-Video

iOS 10 Kernel Heap Revisited

Detailed exploration of iOS 10 kernel heap implementation, discussing Apple's counter-measures against exploitation techniques and potential attacker adaptations in iOS 9 and 10 beta versions.

Add to list

23 Lesons

1 hour 5 minutes

On-Demand

Free-Video

Reverse Engineering Swift Applications

Exploring Swift app reverse engineering: class info extraction, Objective-C bridging, runtime manipulation, and function hooking for security professionals and pentesters.

Add to list

22 Lesons

24 minutes

On-Demand

Free-Video

Finding Vulnerabilities in iOS - MacOS Networking Code

Explore iOS/macOS networking vulnerabilities, focusing on mbuf processing in XNU kernel. Learn about network packet structures, vulnerability discovery techniques, and PoC exploit development.

Add to list

25 Lesons

50 minutes

On-Demand

Free-Video

Swiping Through Modern Security Features

Exploring iOS 6 security features and jailbreak techniques, including kernel ASLR, code signing, and exploit methods. Insights from expert developers on bypassing modern mobile security protections.

Add to list

35 Lesons

1 hour 8 minutes

On-Demand

Free-Video

Stealth Mango and the Prevalence of Mobile Surveillanceware

Unveiling nation-state mobile surveillance tools Stealth Mango and Tangelo, exploring their capabilities and impact on government and military targets across multiple countries.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

A Brief History of Mitigation - The Path to EL1 in iOS 11

Explore the async_wake exploit for iOS 11.1.2, examining each step and the mitigations overcome. Gain insights into iOS security vulnerabilities and exploitation techniques.

Add to list

1 Lesons

45 minutes

On-Demand

Free-Video

iOS Jailbreak Internals - Userland Read-Only Memory Can Be Dangerous

Explora las vulnerabilidades en la memoria de solo lectura de iOS, analizando ataques DMA y explotando fallas en IOSurfaceAccelerator para lograr ejecución de código arbitrario y jailbreak.

Add to list

32 Lesons

50 minutes

On-Demand

Free-Video

ZEROing Trust - Do Zero Trust Approaches Deliver Real Security?

Analyze effectiveness of zero trust security across modern OS platforms, examining measurable properties to establish trust in various threat scenarios.

Add to list

1 Lesons

54 minutes

On-Demand

Free-Video

Racing the Dark - A New TOCTTOU Story From Apple's Core

Unveils macOS kernel vulnerabilities, highlighting memory mapping issues and race conditions that bypass security updates. Emphasizes the need to reevaluate macOS/iOS memory mapping mechanisms.

Add to list

1 Lesons

35 minutes

On-Demand

Free-Video

The Last Line of Defense - Understanding and Attacking Apple File System on iOS

Explore APFS architecture, previous attacks, and a new method to bypass mitigations, potentially compromising iOS file system security.

Add to list

1 Lesons

25 minutes

On-Demand

Free-Video

Optimized Fuzzing IOKit in iOS

Optimized fuzzing approach for iOS IOKit interfaces, dynamically resolving symbols and parameters to improve efficiency and effectiveness in vulnerability discovery.

Add to list

18 Lesons

34 minutes

On-Demand

Free-Video

Faux Disk Encryption - Realities of Secure Storage on Mobile Devices

Explore mobile device data security challenges, debunk full-disk encryption myths, and learn sophisticated secure storage techniques for iOS and Android, addressing real-world application vulnerabilities.

Add to list

48 Lesons

44 minutes

On-Demand

Free-Video

Enterprise Apps - Bypassing the iOS Gatekeeper

Explore iOS security vulnerabilities through enterprise apps, examining real-world statistics and a zero-day attack that bypasses Apple's gatekeeper, revealing critical flaws in the iOS security model.

Add to list

1 Lesons

37 minutes

On-Demand

Free-Video

Behind the Scenes of iOS Security

Explore iOS security mechanisms including HomeKit, Auto Unlock, iCloud Keychain, Data Protection, and JIT hardening. Learn about Apple's innovative approaches to protect user data and enhance mobile security.

Add to list

1 Lesons

52 minutes

On-Demand

Free-Video

Pangu 9 Internals

Explore iOS 9 jailbreak internals, vulnerabilities, and exploitation techniques used in Pangu 9. Learn about system service flaws, code execution methods, and persistent code signing bypass.

Add to list

27 Lesons

47 minutes

On-Demand

Free-Video

Attacking the XNU Kernel in El Capitan

Explore new techniques to bypass XNU kernel exploit mitigations in El Capitan, including KASLR and SMEP, and learn how to overcome System Integrity Protection through a real kernel exploit demonstration.

Add to list

1 Lesons

37 minutes

On-Demand

Free-Video

Review and Exploit Neglected Attack Surfaces in iOS 8

Explores overlooked iOS 8 vulnerabilities through fuzzing and code auditing, revealing system daemon crashes and memory corruption errors triggerable via XPC, plus an iOS kernel 0day.

Add to list

1 Lesons

51 minutes

On-Demand

Free-Video

Beyond the Crypt - Practical iOS Reverse Engineering

Explore practical iOS reverse engineering techniques to uncover hidden app functionalities and enhance mobile security understanding.

Add to list

1 Lesons

49 minutes

On-Demand

Free-Video

Recreating an iOS 0-Day Jailbreak Out of Apple's Security Updates

Detailed walkthrough of recreating an iOS jailbreak from security updates, covering vulnerability discovery, exploit development, and jailbreak creation. Includes practical demonstration and insights.

Add to list

1 Lesons

56 minutes

On-Demand

Free-Video

Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox

Explore iOS vulnerabilities through Wi-Fi networks, including sandbox escapes and kernel bugs. Learn about attack vectors, exploitation techniques, and security implications for mobile devices.

Add to list

20 Lesons

38 minutes

On-Demand

Free-Video

Fried Apples - Jailbreak DIY

Explore iOS jailbreaking techniques, including persistence, patchfinding, and kernel protection bypass. Learn about internal structures and low-level details of modern jailbreaks for Apple devices.

Add to list

33 Lesons

42 minutes

On-Demand

Free-Video

GOTO Conferences

Security Threats & Mitigations for iOS Developers

Explore iOS security threats and mitigations, covering architecture, malware examples, and best practices for developers to enhance app protection and user safety.

Add to list

25 Lesons

47 minutes

On-Demand

Free-Video

MacOS Security - Escaping The Sandbox & Bypassing TCC

Explore macOS security measures, including sandboxing and TCC, and learn about potential vulnerabilities and bypass techniques in third-party applications and system components.

Add to list

1 Lesons

55 minutes

On-Demand

Free-Video

Spoofing Your Location on iOS Without Jailbreaking

Explore a physical hardware device for GPS spoofing on non-jailbroken iPhones, offering a flexible and accurate solution beyond traditional app-based methods.

Add to list

1 Lesons

24 minutes

On-Demand

Free-Video

Jailbreaks Never Die - Exploiting iOS 13.7

Unveiling iOS 13.7 exploit chain: kernel vulnerabilities, mitigation bypasses, and techniques for reading/writing kernel memory. Insights into iOS security research and jailbreak development.

Add to list

1 Lesons

51 minutes

On-Demand

Free-Video

Rootten Apples - Vulnerability Heaven in the iOS Sandbox

Exploring iOS vulnerabilities beyond containerized apps, revealing multiple privilege escalation flaws affecting all devices and demonstrating a chained exploit to bypass security mitigations.

Add to list

1 Lesons

44 minutes

On-Demand

Free-Video

Story of Jailbreaking iOS 13

Explore the process and techniques of jailbreaking iOS 13, including kernel vulnerabilities and unauthorized code execution, presented by an expert at Black Hat conference.

Add to list

1 Lesons

38 minutes

On-Demand

Free-Video

iOS Kernel PAC, One Year Later

Análisis de la evolución y vulnerabilidades de la autenticación de punteros del kernel de iOS, con demostraciones de nuevos métodos para eludir la seguridad en iOS 13.3.

Add to list

1 Lesons

41 minutes

On-Demand

Free-Video

Unwrapping the Truth - Analysis of Mobile Application Wrapping Solutions

Explore mobile application wrapping solutions for BYOD, analyzing their security claims, implementation, and vulnerabilities in iOS and Android environments.

Add to list

1 Lesons

54 minutes

On-Demand

Free-Video

Exploiting Unpatched iOS Vulnerabilities for Fun and Profit

Discover techniques for exploiting iOS vulnerabilities, including finding new attack vectors, chaining vulnerabilities, and defeating code signing to jailbreak the latest iOS version.

Add to list

1 Lesons

44 minutes

On-Demand

Free-Video

Exchanging Demands

Explore vulnerabilities in Microsoft Exchange's mobile device management, focusing on remote wipe functionality and potential exploitation through policy updates without authentication.

Add to list

35 Lesons

42 minutes

On-Demand

Free-Video

Practical Attacks Against MDM Solutions

Explore novel proof-of-concept attack techniques on Android and iOS devices that bypass traditional mobile malware detection and circumvent common Mobile Device Management features.

Add to list

1 Lesons

45 minutes

On-Demand

Free-Video

Cellular Exploitation on a Global Scale - The Rise and Fall of the Control Protocol

Explore hidden cellular device controls, their vulnerabilities, and potential for global exploitation. Learn reverse engineering techniques, protocol analysis, and proof-of-concept exploits for major platforms and networks.

Add to list

29 Lesons

52 minutes

On-Demand

Free-Video

A Practical Attack Against MDM Solutions

Unveiling spyphone attacks: A proof-of-concept technique bypassing mobile malware detection and MDM features, demonstrating vulnerabilities in mobile security and surveillance risks.

Add to list

26 Lesons

43 minutes

On-Demand

Free-Video

Injecting Malware into iOS Devices via Malicious Chargers

Demonstration of iOS device vulnerability through malicious chargers, bypassing security mechanisms to inject arbitrary software within one minute of connection, using a proof-of-concept called Mactans.

Add to list

1 Lesons

49 minutes

On-Demand

Free-Video

Apple's Predicament - NSPredicate Exploits on iOS and macOS

Explore NSPredicate vulnerabilities in iOS and macOS, including FORCEDENTRY sandbox escape and new research on circumventing Apple's restrictions for potential code execution in privileged processes.

Add to list

1 Lesons

36 minutes

On-Demand

Free-Video

Input Output + Syslog - Obtaining Data From Locked iOS Devices via Live Monitoring

Discover techniques to extract significant data from locked iOS devices through USB monitoring and live system log capture, without needing passwords or device unlocks.

Add to list

1 Lesons

35 minutes

On-Demand

Free-Video

A TouchID of iOS Security

Explore iOS security features, focusing on TouchID technology and its implications for device protection and user authentication.

Add to list

1 Lesons

37 minutes

On-Demand

Free-Video

NDC Conferences

Unlocking Secrets of Proprietary Software Using Frida

Explore binary application internals with Frida, a powerful instrumentation framework. Learn to hook functions, trace data, and analyze software across multiple platforms through hands-on demos.

Add to list

15 Lesons

52 minutes

On-Demand

Free-Video

DEFCONConference

Automatic Exploitation of TLS Certificate Validation Vulnerabilities

Explore TLS certificate validation vulnerabilities and their automated exploitation using certmitm, featuring real-world attacks on iOS and Windows 11 systems.

Add to list

1 Lesons

50 minutes

On-Demand

Free-Video

OffensiveCon

MacDirtyCow: Auditing and Exploiting XNU Virtual Memory

Explore XNU virtual memory auditing and exploitation techniques, focusing on the MacDirtyCow vulnerability in Apple's operating systems.

Add to list

1 Lesons

33 minutes

On-Demand

Free-Video

WEareTROOPERS

WatchWitch - Hacking the Apple Watch