Introducing idb - Simplified Blackbox iOS App Pentesting

SOURCE Boston 2014

Presented by: Daniel A. Mayer
Date: Thursday April 10, 2014
Time: 11:00 - 11:45
Location: Washington

In this talk, we review common classes of iOS mobile application flaws as seen in real-world applications. Moreover, to assist the community in assessing security risks of mobile apps, we introduce a new tool called 'idb' and show how it can be used to efficiently test for a range of iOS app flaws. In order to illustrate how apps commonly fail at safeguarding sensitive data, each vulnerability class is first introduced and discussed. We then demonstrate how idb can be used to uncover these flaws from a black-box perspective and provide guidance on how to mitigate each flaw.

Daniel A. Mayer

Daniel is a consultant with Matasano Security. His experience includes penetration testing, cryptographic protocol analysis and design, security research, and system and network administration.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats