– Vivek Ramachandran
Instructor, SWSE, SMFE, SPSE and SISE
1. What is the SISE?
The SecurityTube iOS Security Expert (SISE) is an online course and certification which focuses on the iOS platform and application security. This course is ideal for pentesters, researchers and the casual iOS enthusiast who would like to dive deep and understand how to analyze and systematically audit applications on this platform using a variety of bleeding edge tools and techniques.
A non-exhaustive list of topics to be taught includes:
- Module 1: Introduction to iOS Security
- Module 2: Creating an Application Pentest Platform
- Module 3: Advanced Application Runtime Analysis
- Module 4: Exploiting iOS Applications
- Module 5: iOS Forensics and Data Recovery
- Module 6: iOS Malware and Backdoors
- Module 7: Further Study and Roadmap
- Module 8: Exam Pattern and Mock Exam
* iOS, iPhone, iPad are all trademarks of Apple Inc.
2. Course Syllabus
Module 1: Introduction to iOS Security
- iOS Platform Basics
- iOS Application Development and Testing
- Objective C and iOS Frameworks
- Xcode, iPhone and iPad simulators
- The ARM processor
- MVC basics and a sample iOS application
- Event Driven applications
- iOS Platform Security
- Secure Boot
- Application Code Signing and Appstore restrictions
- Application Sandboxing
- Encryption and Data Security
- Secure Network Access
Module 2: Creating an Application Pentest Platform
- iOS – Platform Constraints and Limitations
- Jailbreaking – Why and How?
- History of Jailbreaking exploits
- Cydia and other 3rd party repositories
- Installing Assessment Tools on your iPhone
- Filesystem analysis
- Runtime analysis
- Debugging and Dis-assembling
- Network Monitoring – proxies, raw traffic dumps
- Sqlite basics
- Plist basics and Plutil
Module 3: Advanced Application Runtime Analysis
- Decrypting Applications
- Clutch and other tools
- Runtime Analysis with GDB
- GDB basics – breakpoints, conditionals etc.
- Debugging Objective-C and understanding objc_msgSend
- Inspecting Objects in Memory
- Calling Functions and Methods
- Disassembling iOS Applications
- ARM assembly basics
- Registers and function/method calling
- Modifying data and Changing Control
- Runtime Analysis with Cycript
- Cycript Basics
- Using the JS – Objective-C bridge
- Finding Variables and Methods in memory
- Inspecting Variables and Calling Methods
- Replacing Methods at runtime
- Using 3rd party Cycript scripts
Module 4: Exploiting iOS Applications
- Examining Application Data Storage at Runtime
- Plist and XML files
- Sqlite Data
- Core Data Services
- Temporary files
- Directory Structure and Snapshot Analysis
- Insecure Local Data Storage
- Plist, XML, Sqlite, Temp Files etc.
- Information leakage using log files
- Keychain Data Storage and Security
- Data and File Security
- Improper Encryption
- Breaking Authentication and Authorization
- Insecure Session Management
- Exploiting IPC / URL Schemas
- Insecure Data Caching – keyboard, UI screenshots etc.
- Improper use of UIPasteboard
- Application Fuzzing
- Attacking UIWebViews (XSS)
- Attacking XML Parsing
- Analyzing and attacking HTTP/HTTPS
- Using self-signed certificates with proxies
- Traffic interception and mangling
- Security concerns with NSURLxxxx and CFNetwork
- Security concerns with CFStream and NSStream
- Directory Traversal attacks
- Attacking Server side applications / Web services from the App
- UDID privacy concerns and faking
- Security concerns due to the C platform
- Buffer overflows and memory corruption
- Poison NULL byte attacks
- Format string vulnerabilities
- Understanding Anti-Piracy techniques
- Plist, Bundled items, Signer Identity etc. checks
- Anti-Debugging techniques
- File integrity / Hash etc. checks
- Anti Anti-Piracy techniques
- Beating checks
- Replacing check functions / methods
- Mobile Substrate
- Basics of Runtime Patching
- Using Mobile Substrate
- Hooking with MobileHooking
- Hooking with MobileHooking
- Code Injection with DYLD_INSERT_LIBRARIES
- API Monitoring
- Solving Application Challenges
Module 5: iOS Forensics and Data Recovery
- Filesystem Organization in iOS
- Understanding Disk and File Encrption
- Forensics on non-Jailbroken devices
- PIN brute-forcing on the device
- Forensics on Jailbroken devices
- Recovering and Analyzing Data
- Plist, Keychain
- Address book, Maps, Call History, SMS, Photos etc.
- Safari, Chrome caches, saved data
- iTune backups basics
- File and Data recovery
Module 6: iOS Malware and Backdoors
- History of iOS Malware
- Background tasks, Daemons and launchd
- Backdoors, Malware examples
- Bind and Reverse Connect Shells on iOS
- Interacting with the shells via Metasploit
Module 7: Further Study and Roadmap
- Course consolidation
- Interesting project ideas to pursue
Module 8: Exam Pattern and Mock Exam
- Exam format
- Mock Exam
3. What are the Hardware / Software requirements for this course? any pre-requisites?
If you would like to follow the lab exercises and other hands-on demos in the course, then you would need the following:
Mandatory Requirements to follow the course:
- Jailbroken iPhone or iPad running at least iOS 5.1.1
- Windows / Linux / Mac to connect to device over USB / Wi-Fi
If you are only interested in understanding this field, you can follow the course videos without requiring the above.
4. What is the course duration? when does it start / stop ?
The SISE course is completely self paced. There is no duration of the course or expiry period. You can download all the course material (videos and slides) from the students portal and watch at your own convenience. The exam dates are flexible as well and you can book them whenever you feel you are ready.
5. Student Portal and Ongoing Support
Apart from the coure material, students are also provided access to the Students portal, PDF copy of the slides, Mock Exam and a host of the other useful things to facilitate learning. This truly allows you to learn in a self-paced manner as we understand that most of you might be working on this part time.
6. Student Testimonials from our existing Certifications
SecurityTube Certifications are currently taken by students from over 73+ countries around the world! Here is what our students have to say about us:
I am working for a WISP and have more than 5 years experience in wireless networks. I was looking for a wireless security course which would be comprehensive and structured, and which explains the basics to the absolute bleeding edge advanced. The pedantic approach to learning using practical and challenging labs is what made me take the SecurityTube Wi-Fi Security Expert course and certification. Vivek’s videos provide a perfect way to learn and the student forum allowed me to clear my doubts and get hints and tips to solve my existing problems, and to explore new things which I never thought before.– Andrea Consadori
SecurityTube and Vivek Ramachandran are making a significant contribution and impact in the field of Information Security Education. My experience completing SecurityTube Wireless Security Expert has been fun and highly satisfying. The SWSE Course content is of high-quality, hands-on & crystal-clear to understand. Vivek has the unique gift of transferring his knowledge seemingly casually yet very effectively. The technique of breaking topics into delicious small-chunks make them easy to absorb irrespective of the complexity of the subject.
After passing the SWSE, I am having fun doing SecurityTube Python Scripting Expert course!– Sarveshwar Rao
Sr. Security Product Manager
The coherent teaching style and technically challenging lab exercises in the SecurityTube Metasploit Framework Expert certification help towards a gradual and comprehensive learning curve for the student.– Jamie Rougvie
I found the SecurityTube Metasploit Framework Expert course videos very elaborate, easy to understand and very practical. This is a high level certification with a really great material and quality. I found what I was searching in SecurityTube, and is very sure I’ll going taking the next certifications offered. I’m not a profesional of security, I’m Engineer in Computer Science, most of all a programmer but always I’ve been enthusiastic of security. With the SMFE I learning a lot and has made me better in the world of security. Congratulations to Vivek Ramachandran excellent teacher and the whole team of SecurityTube. I’ll be available to help and contribute in all I can and be part of this team.– Sigfredo Alvarado
Engineer in Computer Science
Generally, all you can find is “programmers speaking to programmers” but now with the SecurityTube Python Scripting Expert every one can learn Python. Programming is a state of mind and this is not my case, with the SPSE I finally found a clear course that not teach me how to create a recipes book or a little game but how to interact with your environment inside your network or the internet only with Python. I must admit that SPSE (for me) is more complicated that SWSE and SMFE community but you will learn so much that you cannot miss this opportunity; low price for rich and useful content.– Laurent Gerard
7. Why Choose SecurityTube Certifications?
Our Certifications are taken by students from over 73+ countries and are Globally recognized. The Flags in the image to the left are countries from where our students belong. In addition, SecurityTube Certifications provide:
- High Quality Content at an Affordable Cost
- The most Comprehensive Course Coverage in the Industry
- Uses Open Content for Course Evaluation
- Concept Oriented, Practical Content rather than only Theory
8. Course Instructor
Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“.
Vivek currently runs the SecurityTube Wi-Fi Security Expert (SWSE), the SecurityTube Metasploit Framework Expert (SMFE), SecurityTube Python Scripting Expert (SPSE) and the SecurityTube iOS Security Expert (SISE) online course and certifications which is currently being taken by students from over 73+ countries around the world. He also conducts in-person trainings in the US, Europe and Asia.
In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He has also published multiple research papers in the field of DDoS, ARP Spoofing Detection and Anomaly based Intrusion Detection Systems.
Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc.
9. Course Enrollment and Payment
Please submit the Paypal powered form below to make a payment to “Binary Security Innovative Solutions Pvt. Ltd.“, the parent company of SecurityTube to enroll for the course. You will receive a confirmation email from our team within 1 Working Day of your payment.
If you cannot use Paypal, please drop us an email at feedback  binarysecuritysolutions.com for alternate forms of payment.
11. Contact Us
We have compiled a FAQ below:
1. What is the course duration? when does it start / stop ?
The SISE course is completely self paced. There is no duration of the course or expiry period. You can download all the course material from the students portal and watch at your own convenience.
2. What is your Refund Policy?
A: Once a course is purchased, no refund is possible. Our goods are digital (course videos, PDF copy of course slides) and once a student has downloaded them, he has full access to our copyrighted material. We would recommend you have a look at the FREE videos we have given out to access the quality of our course material and instructors before making a decision.
Please use the form below if you have any additional questions not answered by this page and we will get back to your ASAP: