iOS逆向與防護(hù)相關(guān)資料

IOS安全學(xué)習(xí)網(wǎng)站收集:

http://samdmarshall.com

https://www.exploit-db.com

https://reverse.put.as

http://security.ios-wiki.com

https://truesecdev.wordpress.com/

http://resources.infosecinstitute.com/ios-application-security-part-1-setting-up-a-mobile-pentesting-platform/

http://esoftmobile.com/2014/02/14/ios-security/

http://bbs.iosre.com

http://bbs.chinapyg.com

http://blog.pangu.io/

http://yonsm.net/

http://nianxi.net/

https://github.com/pandazheng/iOSAppReverseEngineering

http://drops.wooyun.org


(2)??IOS安全優(yōu)秀博客文章

https://github.com/secmobi/wiki.secmobi.com

http://bbs.iosre.com/t/debugserver-lldb-gdb/65

http://bbs.pediy.com/showthread.php?t=193859

http://bbs.pediy.com/showthread.php?t=192657&viewgoodnees=1&prefixid=

http://blog.darkrainfall.org/2013/01/os-x-internals/

http://dvlabs.tippingpoint.com/blog/2009/03/06/reverse-engineering-iphone-appstore-binaries

http://drops.wooyun.org/papers/5309

https://www.safaribooksonline.com/library/view/hacking-and-securing/9781449325213/ch08s04.html

http://soundly.me/osx-injection-override-tutorial-hello-world/

https://nadavrub.wordpress.com/2015/07/23/injecting-code-to-an-ios-appstore-app/



(3)??IOS安全優(yōu)秀GitHub

XCodeGhost清除腳本

https://github.com/pandazheng/XCodeGhost-Clean


Apple OS X ROOT提權(quán)API后門

https://github.com/tihmstar/rootpipe_exploit


Dylib插入Mach-O文件

https://github.com/Tyilo/insert_dylib


OSX dylib injection

https://github.com/scen/osxinj


IOS IPA package refine and resign

https://github.com/Yonsm/iPAFine


ROP Exploitation

https://github.com/JonathanSalwan/ROPgadget


Scan an IPA file and parses its info.plist

https://github.com/apperian/iOS-checkIPA


A PoC Mach-O infector via library injection

https://github.com/gdbinit/osx_boubou


IOS-Headers

https://github.com/MP0w/iOS-Headers


Interprocess Code injection for Mac OS X

https://github.com/rentzsch/mach_inject


OS X Auditor is a free Mac OS X computer forensics tool

https://github.com/jipegit/OSXAuditor


remove PIE for osx

https://github.com/CarinaTT/MyRemovePIE


A TE executable format loader for IDA

https://github.com/gdbinit/TELoader


Mobile Security Framework

https://github.com/ajinabraham/Mobile-Security-Framework-MobSF


A library that enables dynamically rebinding symbols in Mach-O

binaries running on iOS

https://github.com/facebook/fishhook


OSX and iOS related security tools

https://github.com/ashishb/osx-and-ios-security-awesome


Introspy-Analyzer

https://github.com/iSECPartners/Introspy-Analyzer


Dumps decrypted mach-o files from encrypted iPhone applications

from memory to disk

https://github.com/stefanesser/dumpdecrypted


Simple Swift wrapper for Keychain that works on iOS and OS X

https://github.com/kishikawakatsumi/KeychainAccess


idb is a tool to simplify some common tasks for iOSpentesting

and research

https://github.com/dmayer/idb


Pentesting apps using Parse as a backend

https://github.com/igrekde/ParseRevealer


The iOS Reverse Engineering Toolkit

https://github.com/Vhacker/iRET


XNU – Mac OS X kernel

https://github.com/opensource-apple/xnu


Code injection + payload communications for OSX

https://github.com/mhenr18/injector


iOS related code

https://github.com/samdmarshall/iOS-Internals


OSX injection tutorial: Hello World

https://github.com/arbinger/osxinj_tut


Reveal Loader dynamically loads libReveal.dylib (Reveal.app support)

into iOS apps on jailbroken devices

https://github.com/heardrwt/RevealLoader


NSUserDefaults category with AES encrypt/decrypt keys and values

https://github.com/NZN/NSUserDefaults-AESEncryptor


Blackbox tool to disable SSL certificate validation

https://github.com/iSECPartners/ios-ssl-kill-switch


應(yīng)用逆向工程抽獎(jiǎng)插件

https://github.com/iosre/iosrelottery


Untested iOS Tweak to hook OpenSSL functions

https://github.com/nabla-c0d3/iOS-hook-OpenSSL


IOS *.plistencryptor project. Protect your *.plist files from

jailbroken

https://github.com/FelipeFMMobile/ios-plist-encryptor


Re-codesigning tool for iOSipa file

https://github.com/hayaq/recodesign


Scans iPhone/iPad/iPod applications for PIE flags

https://github.com/stefanesser/.ipa-PIE-Scanner



(4)??IOS安全優(yōu)秀書籍

《Hacking and Securing iOS Applications》

《Mac OS X and iOSInternals:To the Apple’s Core》

《OS X and iOS Kernel Programming》

《OS X ABI Mach-O File Format》

《The Mac Hacker’s Handbook》

《Mac OS X Interals:A Systems Approach》

《黑客攻防技術(shù)寶典-IOS實(shí)戰(zhàn)篇》

《IOS應(yīng)用安全攻防實(shí)戰(zhàn)》

《IOS應(yīng)用逆向工程》

《IOS取證實(shí)戰(zhàn)》

《安全技術(shù)大系:IOS取證分析》


(5)??IOS安全Twitter

https://twitter.com/Technologeeks

https://twitter.com/osxreverser


原文出處:https://github.com/pandazheng/IosHackStudy

菜鳥走向大牛,大家共同前進(jìn),如果覺得不錯(cuò),請(qǐng)給個(gè)贊/關(guān)注。

一起交流學(xué)習(xí),有問題隨時(shí)歡迎聯(lián)系,郵箱:383708669@qq.com

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

  • afinalAfinal是一個(gè)android的ioc,orm框架 https://github.com/yangf...
    passiontim閱讀 15,842評(píng)論 2 45
  • test
    魚小魚_9d10閱讀 189評(píng)論 0 0
  • 百日練,一百天看一百本書,第49天,《你不拼搏,誰也給不了你想要的生活》一小時(shí),理解70%,2000字/分鐘 主要...
    騎了蝸牛闖世界閱讀 123評(píng)論 0 0
  • 本文系《永恒的終結(jié)》書評(píng),原文鏈接轉(zhuǎn)載請(qǐng)注明出處 我并不了解阿西莫夫,當(dāng)初買這本書也完全是根據(jù)亞馬遜上其他購(gòu)買者的...
    csensix閱讀 368評(píng)論 0 1
  • 幸福就是,大冬天把手搭到被子外面,然后把手放進(jìn)被窩的那一瞬間。嘎嘎嘎~ 閉上眼然后第二天鬧鐘響起,所有的煩惱,喜悅...
    喜悲都是你閱讀 149評(píng)論 0 0

友情鏈接更多精彩內(nèi)容