LISBON 10-12
APRIL 2014
LISBON 10-12
APRIL 2014

Edit your talk

Talks > Pentesting iOS Applications

Status

This talk has been approved for this year's edition. Check the calendar for more information.

Language

English

Abstract

We all love mobile devices, being it a smartphone, a tablet, a music/video player. They're so flexible that we use them to interact with other people (voice, text, video), set likes on friends posts, post that last amazing picture online, check your finances, buy stuff, etc. We do all this private, personal stuff because we trust the device, we trust the operating system, we trust the applications we use.

Should we ?

In this talk we will be exploring the iOS operating system and it's applications from the perspective of a penetration tester.
What do I need to setup a pentest environment ?
What kind of tools can I use ?
Where do I start ?
What I can do ?

We'll be going through:
- iOS Security features
- Client component of an app: data storage, application manipulation,
- Network component of an app
- Server component of an app

There will be some tips along the way for iOS developers on how to build secure applications.

Proposal date

2014-01-08 22:17:01

Rate & Comment

You can use this section to optionally comment on this talk (comments are public). Your comment is saved when you press the "comment" button at the bottom. Your thumb decision is private, no one will see it. You can change thumb decision at any time later, the last submission will prevail. You can post as many comments as you want.

You need to be registered and logged in to comment or rate this talk proposal.

Comments

Ricardo Machado
on , said:

Pretty cool :) Upvoted, hope you get selected ;-)

$geekfactor 0x0

José Lopes (Sá)
on , said:

easy upvote! can't wait!

$geekfactor 0x0

Filipe Reis
on , said:

upvoted ;)

$geekfactor 0x0

Bruno Morisson
on , said:

I wanna see this talk! :D

$geekfactor 0x0

Emanuel Alves
on , said:

upvote

$geekfactor 0x0

Rui Guedes
on , said:

Upvoted all the way! Can't wait to watch this talk, I do some iOS dev and this is a very interesting field to explore. Hope you get selected!

$geekfactor 0x0

Rúben Miguel Oliveira Tadeia
on , said:

This is a talk i would like to see! ;)

$geekfactor 0x0

Ricardo Carneiro
on , said:

Upvoted

$geekfactor 0x0

Igor Antunes
on , said:

Mega upvoted! I really hope you get selected because this talk seems very interesting xD

$geekfactor 0x0

Ricardo Vercesi
on , said:

Must see! Absolutely!

$geekfactor 0x0

António Pedro Oliveira Cunha Santos
on , said:

Pretty cool :) Upvoted!

+ Filipe Reis, is it me or this year there are quite more talks about security ? :) By the way, thx for the other tip! it kept me awake for 2 nights straight! ;)

$geekfactor 0x0

Ricardo Branco
on , said:

upvoted

$geekfactor 0x0

Diogo Emanuel Marques da Silva
on , said:

cool stuff !

$geekfactor 0x0

Carlos Serrão
on , said:

You have my vote, and it seems quite interesting and useful...
Provocation... ;-) -> are the network and server components, part of iOS (or the iOS app) or not... is the title misleading?!? :-)

$geekfactor 0x0

Herman Duarte
on , said:

+ Carlos Serrão, The talk is about pentesting iOS 3rd party Applications, meaning the apps that we download from the app store. The components that we'll explore are part of the iOS app. But they may also be components of the iOS platform, because most applications rely on the iOS APIs to do the heavy work. Did I answer your question ?

If you have more question feel free to ask :)

$geekfactor 0x0

Carlos Serrão
on , said:

+ Herman Duarte, sure... it was just a "provocation"... I understand that! As I said, I look forward to see the talk!
;-)

$geekfactor 0x0

Joao Silva Aguiar
on , said:

I'm not losing this one :) nice

$geekfactor 0x0

André Dias
on , said:

Since my company has an iOS app on the AppStore, I'd like to know how secure it is =D

$geekfactor 0x0

Francisco G. T. Ribeiro
on , said:

must see this!

$geekfactor 0x0

Filipe Reis
on , said:

congrats Herman

$geekfactor 0x0

Herman Duarte
on , said:

+ Filipe Reis, Danke :) Espero que a tua talk seja aceite !

$geekfactor 0x0

João costa
on , said:

I attended a pen testing on Iseltech'13 and it was awesome tanks Herman

$geekfactor 0x0

Paulo J Morgado
on , said:

Congrats Herman!!!

$geekfactor 0x0

Pedro Costa
on , said:

Computer says no...

$geekfactor 0x0

Pedro Costa
on , said:

Computer says no...

$geekfactor 0x0

Sérgio Laranjeira
on , said:

+ Herman Duarte, Congrats!! It's a great topic.

$geekfactor 0x0

Tiago Sintra
on , said:

Go Herman! Lets see how secure is iOS =)

$geekfactor 0x0

Christian Guimarães
on , said:

Seems interesting. Take my upvote! Number 99.

$geekfactor 0x0

You must log-in in order to comment this.