iOS Pentesting Checklist
Last updated
Was this helpful?
Last updated
Was this helpful?
Do you use Hacktricks every day? Did you find the book very useful? Would you like to receive extra help with cybersecurity questions? Would you like to find more and higher quality content on Hacktricks? Support Hacktricks through github sponsors so we can dedicate more time to it and also get access to the Hacktricks private group where you will get the help you need and much more!
If you want to know about my latest modifications/additions or you have any suggestion for HackTricks or PEASS, join the 💬telegram group, or follow me on Twitter 🐦@carlospolopm. If you want to share some tricks with the community you can also submit pull requests to https://github.com/carlospolop/hacktricks that will be reflected in this book and don't forget to give ⭐ on github to motivate me to continue developing this book.
****UIActivity Sharing****
****UIPasteboard****
****App Extensions****
WebViews****
Does the application ?
Check if sensitive information is saved in the ****
Check if ****
**** can be used to access the sensitive information saved in the file system (check the initial point of this checklist)
Also, can be used to modify some configurations of the application, then restore the backup on the phone, and the as the modified configuration is loaded some (security) functionality may be bypassed
Check for sensitive information inside the ****
Check if yo can find ****
Check for the use of to send/store sensitive data
********
If a is used in the application, you should check how the authentication is working.
If it's using the it could be easily bypassed
If it's using a you could create a custom frida script
********
********
Perform a and search for web vulnerabilities.
Check if the is checked
Check/Bypass ****
Check for mechanisms
Check for ****