
10. iOS Dynamic Analysis

BurpSuite

🔗 Configuring an iOS device to work with Burp Suite

Install and configure BurpSuite following the same steps here.

  • Configure the device to use the proxy

    • Settings > Wi-Fi > Info button > Configure Proxy

    • Use Manual to set the Proxy to the host IP running BurpSuite (vboxnet LAN or Bridged LAN IP) and port 8082

  • Install the BurpSuite CA certificate on the iOS device

    • Open http://burpsuite:8082 on Safari

    • Select CA Certificate and click Allow to confirm the config profile download

    • Settings > General > VPN & Device Management > Downloaded Profile

      • Install the PortSwigger CA

    • Settings > General > About > Certificate Trust Settings

      • Activate the toggle switch to enable full trust for root certificates

  • On Safari navigate to https://example.com and check for the connection request inside BurpSuite

    • Depending on the tested mobile application, traffic can be intercepted
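
A host-side pre-flight check for the proxy step above, as an added example that is not part of the original notes: it connects to the listener address the device will use and sends a CONNECT request, so a refused connection can be told apart from a listener that does not answer like a proxy. The function name `check_proxy` and its status strings are hypothetical; port 8082 is the one used on this page.

```python
import socket
import sys


def check_proxy(host, port=8082, target="example.com:443", timeout=3.0):
    """Probe host:port as the iOS device would and return (status, detail).

    status: "ok", "refused", "timeout", "unreachable" or "not-a-proxy".
    Names and status strings are illustrative, not taken from any tool.
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # Typical when the listener is bound to another interface or port.
        return "refused", "nothing is listening on this address and port"
    except (socket.timeout, TimeoutError):
        return "timeout", "no answer; check the firewall and the shared network"
    except OSError as exc:
        return "unreachable", str(exc)

    with sock:
        # A forward proxy must accept CONNECT before any TLS is exchanged.
        request = f"CONNECT {target} HTTP/1.1\r\nHost: {target}\r\n\r\n"
        try:
            sock.sendall(request.encode("ascii"))
            reply = sock.recv(4096)
        except (socket.timeout, TimeoutError):
            return "timeout", "connected, but CONNECT was not answered"
        except OSError as exc:
            return "unreachable", str(exc)

    status_line = reply.split(b"\r\n", 1)[0].decode("latin-1")
    parts = status_line.split()
    if len(parts) >= 2 and parts[0].startswith("HTTP/") and parts[1].startswith("2"):
        return "ok", status_line
    return "not-a-proxy", status_line or "empty reply"


if __name__ == "__main__":
    if len(sys.argv) >= 2:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 8082
        status, detail = check_proxy(sys.argv[1], port)
        print(f"{sys.argv[1]}:{port} -> {status}: {detail}")
    else:
        print("usage: check_proxy.py <host-ip> [port]")
```

Run it against the same host IP that is entered in the device's Manual proxy settings; an "ok" result means the listener accepts proxied connections on that address.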


Proxyman for iOS

🔗 Proxyman for iOS

  • Capture iOS network traffic (HTTP/HTTPS) without a MacBook

  • Standalone app, works independently from Proxyman for macOS

  • View HTTP/HTTPS Requests and Responses in plain text

  • FaceID and Passcode for data protection

  • Debugging tools like Map Local, Breakpoint, Block List, SSL Proxying List, No Caching

  • Share logs to Proxyman for macOS

  • Other features

🔗 Atlantis for iOS - only for network inspectors

  • Automatically intercept all HTTP/HTTPS Traffic

  • Intercept WebSocket from iOS devices

  • Support iOS Physical Devices and Simulators

  • No need to configure HTTP Proxy or install/trust any Certificate

  • Review traffic logs from Proxyman for macOS

  • Categorize logs by app and devices

  • Install Proxyman for macOS on a Mac device and follow the iOS Setup Guide to configure the proxy


SSL Pinning iOS

🔗 SSL Kill Switch 2 - (Old) tool to disable SSL certificate validation, including certificate pinning, within iOS and macOS applications.

🔗 Objection

  • On a jailbroken device, Objection can be used to disable SSL Pinning and see HTTPS traffic using a proxy


Jailbreaking

❗ Use Jailbreaking with caution! Jailbreaking is legal in the US but may have legal implications in other countries.

πŸ”— iOS CFW Guidearrow-up-right

Jailbreakingarrow-up-right is the process of unlocking an iOS device to customize its functionality beyond Apple's restrictions, enabling the installation of custom apps and tweaks for a personalized user experience.

  • iOS prioritizes security and reliability with built-in protections against malware, viruses, but jailbreaking can compromise these safeguards, leading to security risks, instability, and reduced battery life

  • Jailbreaking iOS is necessary to conduct full iOS penetration testing

πŸ“Œ Follow my iOS Jailbreak Guidearrow-up-right and make sure you always check for updated commands/guides before step into jailbreaking.

