8kSec Academy
Self-paced Course

Offensive iOS Internals (On-demand)

In this unique course targeting the internals of the iOS operating system, you'll get a chance to  explore various exploit mitigations, IPC mechanisms, and XNU internals. Develop skills in reverse-engineering iOS specific security features and gain a deeper understanding of exploitation techniques, including both userland and kernel-level exploits. Follow each stage of the jailbreak process, supported by case studies of real-world exploits.

This course is not an Appsec course, as it covers topics related to VR that is suitable for folks interested in learning more about the iOS operating system internals, exploitation techniques etc.

If you are interested in an Appsec course, check out the Practical Mobile Application Exploitation course.

  • Level

    Beginner / Intermediate

  • Video

    14 hours - 92 videos

  • CERTIFICATION EXAM

    Included

A path to
CISR Certification

Key Objectives

  • Introduction to ARM64 architecture
  • Overview of the iOS Kernel and it’s Security Mitigations
  • Reverse engineering iOS binaries (Apps and system binaries)
  • Get an intro to common bug various bug categories on iOS
  • Understand Memory allocation in Userland and Kernel
  • Learn how Sandboxing and Code Signing works in iOS
  • Get a deeper understanding of how Jailbreaks work
  • Learn how to Reverse engineer proprietary security mitigations
  • Learn using case Study of some real-world vulnerabilities including both Kernel bugs as well as bypass of Security mitigations
  • Learn to exploit different iPC mechanisms (mach_msg2, XPC etc)
  • Become a Certified iOS Security Researcher (CISR)

Who Should Attend?

This course is specifically designed with the needs of modern iOS vulnerability researchers. This course will also be applicable for vulnerability researchers, penetration testers, mobile developers, or anyone keen to learn more about the iOS application security ecosystem.

Prerequisites

To successfully participate in this course, attendees should possess the following:
  • Working knowledge of cybersecurity and pentesting fundamentals
  • Basic working knowledge of iOS platform
  • Basic Linux skills and command-line proficiency
  • Understanding of fundamental programming concepts and looping structures in at least one higher-level language (Objective-C, Swift, C, C++, or similar)
  • Basic ARM/AARCH64 binary assembly and exploitation knowledge is recommended, but not required

Duration

  • 365 days of access after purchase

Technical Requirements

  • Laptop with 8+ GB RAM and 40 GB hard disk space
  • Administrative access on the system
  • A physical jailbroken iOS device running iOS 16.x or later, or access to a virtualized environment such as Corellium, is required to complete the labs.

Need To Justify To Your Manager?

Need a Template to Justify the Training Request to your Manager? Download the Template below.

Syllabus

Included

CERTIFIED iOS SECURITY RESEARCHER (CISR)

This course prepares you for the Certified iOS Security Researcher (CISR) certification exam, a hands-on assessment specifically designed to test your grasp of advanced iOS security domains including userland and kernel components.
Exam Duration : 24 hours

START LEARNING

Offensive iOS Internals course

Early Bird Offer
  • Lecture recordings and self-assessments
  • Certification of course completion
  • Certified iOS Security Researcher Exam attempt
  • Post-training support
Enroll now and enjoy:
  • Early bird price (limited)
  • 365 days of access + 90 days early registration bonus access

Enroll a group

Get in touch for pricing
Includes everything from the individual rate, plus:
  • Special group pricing
  • Oversee and track the progress of group members

Enterprise

Get in touch for pricing
Includes everything from the group rate, with the ability to manage multiple seats and track student progress across all courses. Contact us with your preferred courses and number of students for a customized quote.

Offensive iOS Internals course

On-demand
  • Immediate access to materials
  • Lecture recordings and self-assessments
  • 365 days of access
  • Certification of course completion
  • Certified iOS Security Researcher Exam attempt
  • Post-training support

Enroll a group

Get in touch for pricing
Includes everything from the individual rate, plus:
  • Special group pricing
  • Oversee and track the progress of group members

Enterprise

Get in touch for pricing
Includes everything from the group rate, with the ability to manage multiple seats and track student progress across all courses. Contact us with your preferred courses and number of students for a customized quote.

Created by

8kSec Academy

Our instructors are experts with over a decade of hands-on experience in mobile security, IoT exploitation, and vulnerability assessment. They've delivered numerous private trainings to high-profile clients and shared their knowledge at renowned conferences like BlackHat, Def Con, POC, TyphoonCon, Brucon, Hack in Paris, Phdays, Appsec USA, and more.

With thousands of students having completed our courses, our instructors continually refine their content based on real-world feedback. Whether through live sessions or our new on-demand courses, we ensure the same high-quality learning experience is accessible to professionals worldwide.