Update README.md

This commit is contained in:
Vaibhav 2020-01-03 19:34:31 +05:30 committed by GitHub
parent e3d352c7f7
commit adfe0b90f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -23,10 +23,6 @@
* [Mobile Application Penetration Testing Cheat Sheet](https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet) * [Mobile Application Penetration Testing Cheat Sheet](https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet)
* [Android Applications Reversing 101](https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/#.WQND0G3TTOM.reddit) * [Android Applications Reversing 101](https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/#.WQND0G3TTOM.reddit)
* [Android Security Guidelines](https://developer.box.com/en/guides/security/) * [Android Security Guidelines](https://developer.box.com/en/guides/security/)
* [Amandroid A Static Analysis FrameworkA](http://pag.arguslab.org/argus-saf/)
* [Androwarn Yet Another Static Code Analyzer](https://github.com/maaaaz/androwarn/)
* [APK Analyzer Static and Virtual Analysis Tool](https://github.com/sonyxperiadev/ApkAnalyser)
* [APK Inspector A Powerful GUI Tool](https://github.com/honeynet/apkinspector/)
* [Android WebView Vulnerabilities](https://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/) * [Android WebView Vulnerabilities](https://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/)
* [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Top_10) * [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Top_10)
@ -160,17 +156,73 @@
## IOS ## iOS
### General ### General
* [iOS Security](https://www.cse.wustl.edu/~jain/cse571-14/ftp/ios_security/index.html)
* [Basic iOS Apps Security Testing lab](https://medium.com/@ehsahil/basic-ios-apps-security-testing-lab-1-2bf37c2a7d15)
* [IOS Application security Setting up a mobile pentesting platform](https://resources.infosecinstitute.com/ios-application-security-part-1-setting-up-a-mobile-pentesting-platform/#gref)
* [Collection of the most common vulnerabilities found in iOS applications](https://github.com/felixgr/secure-ios-app-dev)
* [IOS_Application_Security_Testing_Cheat_Sheet](https://www.owasp.org/index.php/IOS_Application_Security_Testing_Cheat_Sheet)
* [OWASP iOS Basic Security Testing](https://mobile-security.gitbook.io/mobile-security-testing-guide/ios-testing-guide/0x06b-basic-security-testing)
### Books ### Books
* [Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It](https://www.amazon.com/Hacking-Securing-iOS-Applications-Hijacking/dp/1449318746)
* [iOS Penetration Testing](https://www.apress.com/gp/book/9781484223543)
* [iOS App Security, Penetration Testing, and Development](https://www.allysonomalley.com/)
* [IOS Hacker's Handbook](https://www.amazon.com/iOS-Hackers-Handbook-Charlie-Miller/dp/1118204123)
* [iOS Hackers Handbook](https://www.amazon.in/iOS-Hacker%E2%80%B2s-Handbook-Charlie-Miller/dp/1118204123)
* [Hacking iOS Applications a detailed testing guide](https://web.securityinnovation.com/hubfs/iOS%20Hacking%20Guide.pdf)
* [Develop iOS Apps (Swift)](https://developer.apple.com/library/archive/referencelibrary/GettingStarted/DevelopiOSAppsSwift/)
* [iOS Programming Cookbook](https://www.packtpub.com/in/application-development/ios-programming-cookbook)
### Courses ### Courses
* [Pentesting iOS Applications](https://www.pentesteracademy.com/course?id=2)
* [Reverse Engineering iOS Applications](https://github.com/ivRodriguezCA/RE-iOS-Apps)
* [App Design and Development for iOS](https://www.coursera.org/learn/ios-app-design-development)
### Tools ### Tools
* [Cydia Impactor](http://www.cydiaimpactor.com/)
* [idb - iOS App Security Assessment Tool](https://www.idbtool.com/)
* [Frida](https://github.com/frida/frida/releases)
* [Objection - mobile exploration toolkit by Frida](https://github.com/sensepost/objection)
* [Bfinject](https://github.com/BishopFox/bfinject)
* [iFunbox](http://www.i-funbox.com/)
* [Libimobiledevice - library to communicate with the services of the Apple ios devices](https://www.libimobiledevice.org/)
* [iRET (iOS Reverse Engineering Toolkit)](https://www.veracode.com/sites/default/files/Resources/Tools/iRETTool.zip) - includes oTool, dumpDecrypted, SQLite, Theos, Keychain_dumper, Plutil
* [Myriam iOS](https://github.com/GeoSn0w/Myriam)
* [iWep Pro - wireless suite of useful applications used to turn your iOS device into a wireless network diagnostic tool](https://itunes.apple.com/us/app/iweppro/id578135585?mt=8)
* [Burp Suite](https://portswigger.net/burp/communitydownload)
* [Cycript](https://cydia.saurik.com/api/latest/3)
* [needle - The iOS Security Testing Framework](https://github.com/FSecureLABS/needle)
### Labs ### Labs
* [OWASP iGoat](https://www.owasp.org/index.php/OWASP_iGoat_Tool_Project)
* [Damn Vulnerable iOS App (DVIA) v2](https://github.com/prateek147/DVIA-v2)
* [Damn Vulnerable iOS App (DVIA) v1](https://github.com/prateek147/DVIA)
* [iPhoneLabs](https://github.com/SecurityCompass/iPhoneLabs)
* [iOS-Attack-Defense](https://github.com/ManicodeSecurity/iOS-Attack-Defense)
### Talks ### Talks
* [Behind the Scenes of iOS Security](https://www.youtube.com/watch?v=BLGFriOKz6U)
* [Modern iOS Application Security](https://www.infoq.com/presentations/ios-security/)
* [Demystifying the Secure Enclave Processor](https://www.youtube.com/watch?v=7UNeUT_sRos)
* [HackPac Hacking Pointer Authentication in iOS User Space](https://www.youtube.com/watch?v=DJFxhShJ6Ns)
* [Analyzing and Attacking Apple Kernel Drivers](https://www.youtube.com/watch?v=07VqX4bbXTI)
* [Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox](https://www.youtube.com/watch?v=bP5VP7vLLKo)
* [Reverse Engineering iOS Mobile Apps](https://www.bugcrowd.com/resources/webinars/reverse-engineering-ios-mobile-apps/)
* [iOS 10 Kernel Heap Revisited](https://www.youtube.com/watch?v=DNW6Im31lQo)
### Misc. ### Misc.
* [Most usable tools for iOS penetration testing](https://github.com/ansjdnakjdnajkd/iOS)
* [iOS-Security-Guides](https://github.com/0xmachos/iOS-Security-Guides)
* [osx-security-awesome - OSX and iOS related security tools](https://github.com/ashishb/osx-and-ios-security-awesome)