shaveKevin/iOSSafetyLearning

iOSSafetyLearning

A collection of iOS security learning resources

(1) iOS security learning websites:

https://www.exploit-db.com

https://reverse.put.as

http://highaltitudehacks.com/security/

http://www.dllhook.com/

http://www.securitylearn.net/archives/

http://securitycompass.github.io/iPhoneLabs/index.html

http://security.ios-wiki.com

http://www.opensecuritytraining.info/IntroARM.html

https://truesecdev.wordpress.com/

http://resources.infosecinstitute.com/ios-application-security-part-1-setting-up-a-mobile-pentesting-platform/

http://esoftmobile.com/2014/02/14/ios-security/

http://bbs.iosre.com

http://bbs.chinapyg.com

http://blog.pangu.io/

http://yonsm.net/

http://nianxi.net/

http://cocoahuke.com/

https://blog.0xbbc.com

http://blog.imaou.com/

https://github.com/pandazheng/iOSAppReverseEngineering

http://drops.wooyun.org

http://bbs.pediy.com

http://www.blogfshare.com/

https://github.com/michalmalik/osx-re-101

http://blog.qwertyoruiop.com/

https://github.com/secmobi/wiki.secmobi.com

http://contagioexchange.blogspot.com/

http://contagiominidump.blogspot.com/

https://github.com/secmobi

https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Guide_Development_Project

http://blog.dornea.nu/2014/10/29/howto-ios-apps-static-analysis/

http://www.dllhook.com/post/58.html

http://thexploit.com/category/secdev/

https://github.com/mdsecresearch

http://sectools.org/tag/os-x/

http://googleprojectzero.blogspot.com/

http://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.html

http://www.macexploit.com/

https://code.google.com/p/google-security-research/issues/list?can=1&q=iOS&sort=-id&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary

https://code.google.com/p/google-security-research/issues/list?can=1&q=OSX&sort=-id&colspec=ID+Type+Status+Priority+Milestone+Owner+Summary&cells=tiles

http://googleprojectzero.blogspot.com/2014/11/pwn4fun-spring-2014-safari-part-ii.html

https://www.blackhat.com/docs/us-15/materials/us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS-wp.pdf

https://www.youtube.com/watch?v=rxUgw5bEG3Y

https://www.theiphonewiki.com/wiki/Firmware

http://www.trustedbsd.org/mac.html

https://support.apple.com/zh-cn/HT205731

https://www.apple.com/support/security/

http://opensource.apple.com/tarballs/

https://mobile-security.zeef.com/oguzhan.topgu

http://www.powerofcommunity.net

http://cn.0day.today/exploits

https://recon.cx/2016/training/trainingios-osx.html

https://www.exploit-db.com/osx-rop-exploits-evocam-case-study/

https://www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/

https://www.yumpu.com/en/document/view/7010924/ios-kernel-heap-armageddon

http://contagiodump.blogspot.com/

http://www.dllhook.com/post/138.html

http://shell-storm.org/blog/Return-Oriented-Programming-and-ROPgadget-tool/

https://medium.com/@harryworld/100-days-of-osx-development-e61591fcb8c8#.vxyuyse12

http://www.poboke.com/study/reverse

http://phrack.org/issues/69/1.html

https://www.exploit-db.com/docs/28479.pdf

https://speakerdeck.com/milkmix/ios-malware-myth-or-reality

(2) Notable iOS security blog articles

http://datatheorem.github.io/TrustKit/

http://ho.ax/posts/2012/02/resolving-kernel-symbols/

http://www.securitylearn.net/tag/pentesting-ios-apps/

https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/

https://github.com/secmobi/wiki.secmobi.com

http://bbs.iosre.com/t/debugserver-lldb-gdb/65

http://bbs.pediy.com/showthread.php?t=193859

http://bbs.pediy.com/showthread.php?t=192657&viewgoodnees=1&prefixid=

http://blog.darkrainfall.org/2013/01/os-x-internals/

http://dvlabs.tippingpoint.com/blog/2009/03/06/reverse-engineering-iphone-appstore-binaries

http://drops.wooyun.org/papers/5309

http://www.blogfshare.com/category/ios-secure

https://www.safaribooksonline.com/library/view/hacking-and-securing/9781449325213/ch08s04.html

http://soundly.me/osx-injection-override-tutorial-hello-world/

https://nadavrub.wordpress.com/2015/07/23/injecting-code-to-an-ios-appstore-app/

http://blog.dewhurstsecurity.com/

https://github.com/project-imas

https://github.com/iSECPartners

https://www.nowsecure.com/blog/

http://lightbulbone.com/

http://www.tanhao.me/pieces/1515.html/

http://dongaxis.github.io/

(3) Notable iOS security GitHub repositories

Contains all example codes for O'Reilly's iOS 9 Swift Programming Cookbook https://github.com/vandadnp/iOS-9-Swift-Programming-Cookbook

XCodeGhost removal script https://github.com/pandazheng/XCodeGhost-Clean

Apple OS X root privilege escalation API backdoor https://github.com/tihmstar/rootpipe_exploit

Effortless and universal SSL pinning for iOS and OS X https://github.com/datatheorem/TrustKit

Patch PE, ELF, Mach-O binaries with shellcode https://github.com/secretsquirrel/the-backdoor-factory

iReSign allows iDevice app bundles (.ipa) files to be signed or resigned with a digital certificate from Apple for distribution https://github.com/maciekish/iReSign

A Mach-O Load Command deobfuscator https://github.com/x43x61x69/Mach-O-Prettifier

Insert a dylib into a Mach-O file https://github.com/Tyilo/insert_dylib

dylib injector for mach-o binaries https://github.com/KJCracks/yololib

Fast iOS executable dumper https://github.com/KJCracks/Clutch

Binary distribution of the libimobiledevice library for Mac OS X https://github.com/benvium/libimobiledevice-macosx

python utilities related to dylib hijacking on OS X https://github.com/synack/DylibHijack

OSX dylib injection https://github.com/scen/osxinj

IOS IPA package refine and resign https://github.com/Yonsm/iPAFine

ROP Exploitation https://github.com/JonathanSalwan/ROPgadget

Class-dump any Mach-o file without extracting it from dyld_shared_cache https://github.com/limneos/classdump-dyld

Scans an IPA file and parses its Info.plist https://github.com/apperian/iOS-checkIPA

A PoC Mach-O infector via library injection https://github.com/gdbinit/osx_boubou

IOS-Headers https://github.com/MP0w/iOS-Headers

Interprocess Code injection for Mac OS X https://github.com/rentzsch/mach_inject

OS X Auditor is a free Mac OS X computer forensics tool https://github.com/jipegit/OSXAuditor

remove PIE for osx https://github.com/CarinaTT/MyRemovePIE

A TE executable format loader for IDA https://github.com/gdbinit/TELoader

Mobile Security Framework https://github.com/ajinabraham/Mobile-Security-Framework-MobSF

A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS https://github.com/facebook/fishhook

OSX and iOS related security tools https://github.com/ashishb/osx-and-ios-security-awesome

Introspy-Analyzer https://github.com/iSECPartners/Introspy-Analyzer

Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk https://github.com/stefanesser/dumpdecrypted

Simple Swift wrapper for Keychain that works on iOS and OS X https://github.com/kishikawakatsumi/KeychainAccess

idb is a tool to simplify some common tasks for iOS pentesting and research https://github.com/dmayer/idb

Pentesting apps using Parse as a backend https://github.com/igrekde/ParseRevealer

The iOS Reverse Engineering Toolkit https://github.com/Vhacker/iRET

XNU - Mac OS X kernel https://github.com/opensource-apple/xnu

Code injection + payload communications for OSX https://github.com/mhenr18/injector

iOS related code https://github.com/samdmarshall/iOS-Internals

OSX injection tutorial: Hello World https://github.com/arbinger/osxinj_tut

Reveal Loader dynamically loads libReveal.dylib (Reveal.app support) into iOS apps on jailbroken devices https://github.com/heardrwt/RevealLoader

NSUserDefaults category with AES encrypt/decrypt keys and values https://github.com/NZN/NSUserDefaults-AESEncryptor

Blackbox tool to disable SSL certificate validation https://github.com/iSECPartners/ios-ssl-kill-switch

App reverse engineering lottery plugin https://github.com/iosre/iosrelottery

Untested iOS Tweak to hook OpenSSL functions https://github.com/nabla-c0d3/iOS-hook-OpenSSL

IOS *.plist encryptor project. Protect your .plist files from jailbroken https://github.com/FelipeFMMobile/ios-plist-encryptor

Re-codesigning tool for iOS ipa file https://github.com/hayaq/recodesign

Scans iPhone/iPad/iPod applications for PIE flags https://github.com/stefanesser/.ipa-PIE-Scanner

xnu local privilege escalation via cve-2015-1140 IOHIDSecurePromptClient injectStringGated heap overflow | poc||gtfo https://github.com/kpwn/vpwn

MachOView https://github.com/gdbinit/MachOView

A cross-platform protocol library to communicate with iOS devices https://github.com/libimobiledevice/libimobiledevice

WireLurkerDetector https://github.com/pandazheng/WireLurker

Released in accordance with GPL licensing https://github.com/p0sixspwn/p0sixspwn

xnu local privilege escalation via cve-2015 https://github.com/kpwn/tpwn

A simple universal memory editor (game trainer) on OSX/iOS https://github.com/pandazheng/HippocampHairSalon

BinaryCookieReader source code https://github.com/pandazheng/BinaryCookieReader

Tiamo's bootloader https://github.com/pandazheng/macosxbootloader

incomplete ios 8.4.1 jailbreak by Kim Jong Cracks https://github.com/pandazheng/yalu

Security Scanner for OSX https://github.com/openscanner/XGuardian

Sample kernel extension that demonstrates how to hide from kextstat https://github.com/rc0r/KextHider

Example Mac OS X kernel extension that resolves symbols from the running kernel image https://github.com/snare/KernelResolver

Sample Mac OS X (Mountain Lion) kernel extension that demonstrates how to hide files by hijacking getdirentries syscalls https://github.com/rc0r/FileHider

Sample Mac OS X (Mountain Lion) kernel extension that demonstrates how to hide a process by modifying allproc and pidhashtbl https://github.com/rc0r/ProcessHider

The Mach-O disassembler. Now 64bit and Xcode 6 compatible https://github.com/x43x61x69/otx

A Mach-O binary codesign remover https://github.com/x43x61x69/codeunsign

Very simple keylogger for self-quantifying on Mac OS X https://github.com/dannvix/keylogger-osx

Manage iOS devices through iTunes lib https://github.com/xslim/mobileDeviceManager

Detects the hardware, software and display of the current iOS or Mac OS X device at runtime https://github.com/lmirosevic/GBDeviceInfo

Python Arsenal for Reverse Engineering http://pythonarsenal.com/

A OS X crypto ransomware PoC https://github.com/gdbinit/gopher

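(4) Notable iOS security books

《Hacking and Securing iOS Applications》

《Mac OS X and iOS Internals: To the Apple’s Core》

《OS X and iOS Kernel Programming》

《OS X ABI Mach-O File Format》

《The Mac Hacker’s Handbook》

《Mac OS X Internals: A Systems Approach》

《黑客攻防技术宝典-IOS实战篇》 (Hacker Attack and Defense Handbook: iOS in Practice)

《IOS应用安全攻防实战》 (iOS Application Security: Attack and Defense in Practice)

《IOS应用逆向工程》 (iOS App Reverse Engineering)

《IOS取证实战》 (iOS Forensics in Practice)

《安全技术大系:IOS取证分析》 (Security Technology Series: iOS Forensic Analysis)

(5) iOS security on Twitter

https://twitter.com/Technologeeks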

https://twitter.com/osxreverser

https://twitter.com/Morpheus______

(6) OS X/iOS exploit analysis articles

CVE-2016-1749 http://turingh.github.io/2016/04/29/CVE-2016-1749%E5%86%85%E6%A0%B8%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8CPOC%E5%88%86%E6%9E%90/

CVE-2016-1757 http://googleprojectzero.blogspot.com/2016/03/race-you-to-kernel.html

https://github.com/gdbinit/mach_race

CVE-2016-1824 http://marcograss.github.io/security/apple/cve/2016/05/16/cve-2016-1824-apple-iohidfamily-racecondition.html

List of vulnerabilities used in iOS jailbreaks

ipsw

iOS 10 ipsw https://ipsw.me/all

https://www.alliphone.com

https://www.theiphonewiki.com/wiki/Firmware_Keys

http://pastebin.com/FRMfanmT

https://www.reddit.com/r/jailbreak/comments/4nyz1p/discussion_decrypted_kernel_cache_ios_10/d48cgd7

https://www.nowsecure.com/blog/2014/04/14/ios-kernel-reversing-step-by-step/

http://www.iphonehacks.com/download-iphone-ios-firmware

Some software for Mac

http://sqwarq.com/detectx/