O'Reilly logo

Learning iOS Penetration Testing by Swaroop Yermalkar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Dynamic analysis using Cycript

Cycript is one the most popular tools used for runtime analysis of iOS apps. It's a JavaScript interpreter that also understands Objective-C syntax. The idea is to hook Cycript in the target application's process ID and perform actions using JavaScript or Objective-C or both. I would encourage you to go through its documentation in order to understand its functionality in depth.

In dynamic analysis, the important aspect is method swizzling. Method swizzling is changing the behavior/functionality of a method at runtime. To perform method swizzling, we require information about the methods that are used in backend for the application. The idea is as follows:

  • Reverse engineer the application using techniques that we studied ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required