iOS Security Learning Resources Collection
IOS安全学记笔记.pdf Add Source Code Sep 24, 2015
OSX.IOS.pdf OSX (iOS) vulnerability learning resources collection Feb 25, 2016
README.md Update README.md Oct 10, 2018

README.md

IosHackStudy

iOS Security Learning Resources Collection

(1) iOS security learning websites:

http://samdmarshall.com
https://www.exploit-db.com
https://reverse.put.as
http://highaltitudehacks.com/security/
http://www.dllhook.com/
http://www.securitylearn.net/archives/
http://securitycompass.github.io/iPhoneLabs/index.html
http://security.ios-wiki.com
http://www.opensecuritytraining.info/IntroARM.html
https://truesecdev.wordpress.com/
http://resources.infosecinstitute.com/ios-application-security-part-1-setting-up-a-mobile-pentesting-platform/
http://esoftmobile.com/2014/02/14/ios-security/
http://bbs.iosre.com
http://bbs.chinapyg.com
http://blog.pangu.io/
http://yonsm.net/
http://nianxi.net/
http://cocoahuke.com/
https://blog.0xbbc.com
http://blog.imaou.com/
https://github.com/pandazheng/iOSAppReverseEngineering
http://drops.wooyun.org
http://bbs.pediy.com
http://www.blogfshare.com/
https://github.com/michalmalik/osx-re-101
http://blog.qwertyoruiop.com/
https://github.com/secmobi/wiki.secmobi.com
http://contagioexchange.blogspot.com/
http://contagiominidump.blogspot.com/
https://github.com/secmobi
https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Guide_Development_Project
http://blog.dornea.nu/2014/10/29/howto-ios-apps-static-analysis/
http://www.dllhook.com/post/58.html
http://thexploit.com/category/secdev/
https://github.com/mdsecresearch
http://sectools.org/tag/os-x/
http://googleprojectzero.blogspot.com/
http://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.html
http://www.macexploit.com/
https://code.google.com/p/google-security-research/issues/list?can=1&q=iOS&sort=-id&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary
https://code.google.com/p/google-security-research/issues/list?can=1&q=OSX&sort=-id&colspec=ID+Type+Status+Priority+Milestone+Owner+Summary&cells=tiles
http://googleprojectzero.blogspot.com/2014/11/pwn4fun-spring-2014-safari-part-ii.html
https://www.blackhat.com/docs/us-15/materials/us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS-wp.pdf
https://www.youtube.com/watch?v=rxUgw5bEG3Y
https://www.theiphonewiki.com/wiki/Firmware
http://www.trustedbsd.org/mac.html
https://support.apple.com/zh-cn/HT205731
https://www.apple.com/support/security/
http://opensource.apple.com/tarballs/
https://mobile-security.zeef.com/oguzhan.topgu
http://www.powerofcommunity.net
http://cn.0day.today/exploits
https://recon.cx/2016/training/trainingios-osx.html
https://www.exploit-db.com/osx-rop-exploits-evocam-case-study/
https://www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/
https://www.yumpu.com/en/document/view/7010924/ios-kernel-heap-armageddon
http://contagiodump.blogspot.com/
http://www.dllhook.com/post/138.html
http://shell-storm.org/blog/Return-Oriented-Programming-and-ROPgadget-tool/
https://medium.com/@harryworld/100-days-of-osx-development-e61591fcb8c8#.vxyuyse12
http://www.poboke.com/study/reverse
http://phrack.org/issues/69/1.html
https://www.exploit-db.com/docs/28479.pdf
https://speakerdeck.com/milkmix/ios-malware-myth-or-reality
https://bbs.pediy.com/thread-223117.htm

(2) Notable iOS security blog posts

http://datatheorem.github.io/TrustKit/
http://ho.ax/posts/2012/02/resolving-kernel-symbols/
http://www.securitylearn.net/tag/pentesting-ios-apps/
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/
https://github.com/secmobi/wiki.secmobi.com
http://bbs.iosre.com/t/debugserver-lldb-gdb/65
http://bbs.pediy.com/showthread.php?t=193859
http://bbs.pediy.com/showthread.php?t=192657&viewgoodnees=1&prefixid=
http://blog.darkrainfall.org/2013/01/os-x-internals/
http://dvlabs.tippingpoint.com/blog/2009/03/06/reverse-engineering-iphone-appstore-binaries
http://drops.wooyun.org/papers/5309
http://www.blogfshare.com/category/ios-secure
https://www.safaribooksonline.com/library/view/hacking-and-securing/9781449325213/ch08s04.html
http://soundly.me/osx-injection-override-tutorial-hello-world/
https://nadavrub.wordpress.com/2015/07/23/injecting-code-to-an-ios-appstore-app/
http://blog.dewhurstsecurity.com/
https://github.com/project-imas
https://github.com/iSECPartners
https://www.nowsecure.com/blog/
http://lightbulbone.com/
http://www.tanhao.me/pieces/1515.html/
http://dongaxis.github.io/

(3) Notable iOS security GitHub repositories

Contains all example codes for O'Reilly's iOS 9 Swift Programming Cookbook
https://github.com/vandadnp/iOS-9-Swift-Programming-Cookbook
XCodeGhost removal script
https://github.com/pandazheng/XCodeGhost-Clean
Apple OS X root privilege escalation API backdoor
https://github.com/tihmstar/rootpipe_exploit
Effortless and universal SSL pinning for iOS and OS X
https://github.com/datatheorem/TrustKit
Patch PE, ELF, Mach-O binaries with shellcode
https://github.com/secretsquirrel/the-backdoor-factory
iReSign allows iDevice app bundles (.ipa) files to be signed or resigned with a digital certificate from Apple for distribution
https://github.com/maciekish/iReSign
A Mach-O Load Command deobfuscator
https://github.com/x43x61x69/Mach-O-Prettifier
Insert a dylib into a Mach-O file
https://github.com/Tyilo/insert_dylib
dylib injector for mach-o binaries
https://github.com/KJCracks/yololib
Fast iOS executable dumper
https://github.com/KJCracks/Clutch
Binary distribution of the libimobiledevice library for Mac OS X
https://github.com/benvium/libimobiledevice-macosx
python utilities related to dylib hijacking on OS X
https://github.com/synack/DylibHijack
OSX dylib injection
https://github.com/scen/osxinj
IOS IPA package refine and resign
https://github.com/Yonsm/iPAFine
ROP Exploitation
https://github.com/JonathanSalwan/ROPgadget
Class-dump any Mach-o file without extracting it from dyld_shared_cache
https://github.com/limneos/classdump-dyld
Scans an IPA file and parses its info.plist
https://github.com/apperian/iOS-checkIPA
A PoC Mach-O infector via library injection
https://github.com/gdbinit/osx_boubou
IOS-Headers
https://github.com/MP0w/iOS-Headers
Interprocess Code injection for Mac OS X
https://github.com/rentzsch/mach_inject
OS X Auditor is a free Mac OS X computer forensics tool
https://github.com/jipegit/OSXAuditor
remove PIE for osx
https://github.com/CarinaTT/MyRemovePIE
A TE executable format loader for IDA
https://github.com/gdbinit/TELoader
Mobile Security Framework
https://github.com/ajinabraham/Mobile-Security-Framework-MobSF
A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS
https://github.com/facebook/fishhook
OSX and iOS related security tools
https://github.com/ashishb/osx-and-ios-security-awesome
Introspy-Analyzer
https://github.com/iSECPartners/Introspy-Analyzer
Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk
https://github.com/stefanesser/dumpdecrypted
Simple Swift wrapper for Keychain that works on iOS and OS X
https://github.com/kishikawakatsumi/KeychainAccess
idb is a tool to simplify some common tasks for iOS pentesting and research
https://github.com/dmayer/idb
Pentesting apps using Parse as a backend
https://github.com/igrekde/ParseRevealer
The iOS Reverse Engineering Toolkit
https://github.com/Vhacker/iRET
XNU - Mac OS X kernel
https://github.com/opensource-apple/xnu
Code injection + payload communications for OSX
https://github.com/mhenr18/injector
iOS related code
https://github.com/samdmarshall/iOS-Internals
OSX injection tutorial: Hello World
https://github.com/arbinger/osxinj_tut
Reveal Loader dynamically loads libReveal.dylib (Reveal.app support) into iOS apps on jailbroken devices
https://github.com/heardrwt/RevealLoader
NSUserDefaults category with AES encrypt/decrypt keys and values
https://github.com/NZN/NSUserDefaults-AESEncryptor
Blackbox tool to disable SSL certificate validation
https://github.com/iSECPartners/ios-ssl-kill-switch
App reverse engineering lottery plugin
https://github.com/iosre/iosrelottery
Untested iOS Tweak to hook OpenSSL functions
https://github.com/nabla-c0d3/iOS-hook-OpenSSL
IOS *.plist encryptor project. Protect your .plist files from jailbroken
https://github.com/FelipeFMMobile/ios-plist-encryptor
Re-codesigning tool for iOS ipa file
https://github.com/hayaq/recodesign
Scans iPhone/iPad/iPod applications for PIE flags
https://github.com/stefanesser/.ipa-PIE-Scanner
xnu local privilege escalation via cve-2015-1140 IOHIDSecurePromptClient injectStringGated heap overflow | poc||gtfo
https://github.com/kpwn/vpwn
MachOView
https://github.com/gdbinit/MachOView
A cross-platform protocol library to communicate with iOS devices
https://github.com/libimobiledevice/libimobiledevice
WireLurkerDetector
https://github.com/pandazheng/WireLurker
Released in accordance with GPL licensing
https://github.com/p0sixspwn/p0sixspwn
xnu local privilege escalation via cve-2015
https://github.com/kpwn/tpwn
A simple universal memory editor (game trainer) on OSX/iOS
https://github.com/pandazheng/HippocampHairSalon
BinaryCookieReader source code
https://github.com/pandazheng/BinaryCookieReader
Tiamo's bootloader
https://github.com/pandazheng/macosxbootloader
incomplete ios 8.4.1 jailbreak by Kim Jong Cracks
https://github.com/pandazheng/yalu
Security Scanner for OSX
https://github.com/openscanner/XGuardian
Sample kernel extension that demonstrates how to hide from kextstat
https://github.com/rc0r/KextHider
Example Mac OS X kernel extension that resolves symbols from the running kernel image
https://github.com/snare/KernelResolver
Sample Mac OS X (Mountain Lion) kernel extension that demonstrates how to hide files by hijacking getdirentries syscalls
https://github.com/rc0r/FileHider
Sample Mac OS X (Mountain Lion) kernel extension that demonstrates how to hide a process by modifying allproc and pidhashtbl
https://github.com/rc0r/ProcessHider
The Mach-O disassembler. Now 64bit and Xcode 6 compatible
https://github.com/x43x61x69/otx
A Mach-O binary codesign remover
https://github.com/x43x61x69/codeunsign
Very simple keylogger for self-quantifying on Mac OS X
https://github.com/dannvix/keylogger-osx
Manage iOS devices through iTunes lib
https://github.com/xslim/mobileDeviceManager
Detects the hardware, software and display of the current iOS or Mac OS X device at runtime
https://github.com/lmirosevic/GBDeviceInfo
Python Arsenal for Reverse Engineering
http://pythonarsenal.com/
An OS X crypto ransomware PoC
https://github.com/gdbinit/gopher
Frida
https://codeshare.frida.re/

(4) Notable iOS security books

《Hacking and Securing iOS Applications》
《Mac OS X and iOS Internals: To the Apple’s Core》
《OS X and iOS Kernel Programming》
《OS X ABI Mach-O File Format》
《The Mac Hacker’s Handbook》
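《Mac OS X Internals: A Systems Approach》
《黑客攻防技术宝典-IOS实战篇》 (Hacker Attack and Defense Technical Handbook: iOS in Practice)
《IOS应用安全攻防实战》 (iOS Application Security: Attack and Defense in Practice)
《IOS应用逆向工程》 (iOS App Reverse Engineering)
《IOS取证实战》 (iOS Forensics in Practice)
《安全技术大系:IOS取证分析》 (Security Technology Series: iOS Forensic Analysis)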

(5) iOS security Twitter accounts

https://twitter.com/Technologeeks
https://twitter.com/osxreverser
https://twitter.com/Morpheus______

(6) OS X/iOS exploit analysis articles

CVE-2016-1749
http://turingh.github.io/2016/04/29/CVE-2016-1749%E5%86%85%E6%A0%B8%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8CPOC%E5%88%86%E6%9E%90/

CVE-2016-1757
http://googleprojectzero.blogspot.com/2016/03/race-you-to-kernel.html
https://github.com/gdbinit/mach_race

CVE-2016-1824
http://marcograss.github.io/security/apple/cve/2016/05/16/cve-2016-1824-apple-iohidfamily-racecondition.html

List of vulnerabilities used in iOS jailbreaks

ipsw ios10 ipsw
https://ipsw.me/all
https://www.alliphone.com
https://www.theiphonewiki.com/wiki/Firmware_Keys
http://pastebin.com/FRMfanmT
https://www.reddit.com/r/jailbreak/comments/4nyz1p/discussion_decrypted_kernel_cache_ios_10/d48cgd7
https://www.nowsecure.com/blog/2014/04/14/ios-kernel-reversing-step-by-step/
http://www.iphonehacks.com/download-iphone-ios-firmware


Some software for Mac

http://sqwarq.com/detectx/

Security software for Mac

https://objective-see.com/products.html