Breaking the iOS Security Testing barrier: How we did it & how you can too
In the realm of bug bounty hunting, testing on iOS platform has often been the relatively less explored by many securityxenthusiasts. This is due to various reasons such as logistics of iOS hardware, restrictions in the ecosystem and lack of content around getting started etc.
Akshay is a Security researcher with PhonePe. He has been working in the cybersecurity industry for the last few years and is interested in application security and reverse engineering. He has presented his research in leading conferences such as PHDays and inCTF. He has found multiple vulnerabilities and reported responsibly to Adobe, Apple, HP, and Google, with multiple CVEs and acknowledgements to his name.
During this talk, we will take the audience through our journey, as we share our experiences of breaking the barrier in iOS security testing. Through a series of case studies, we will showcase the unique challenges and vulnerabilities we encountered, as well as techniques we employed to overcome them.
Our talk will delve into the intricacies of iOS pentesting, unveiling the lesser-known aspects that make it a fascinating and rewarding path for bug bounty hunters. We will discuss the fundamental concepts of iOS security along with practical examples, we will demonstrate how to do security testing on iOS platform and uncover hidden risks in iOS applications.