所有英文文档对应的中文地址:

• http://wufawei.com/2013/11/ios-application-security-1
• http://wufawei.com/2013/11/ios-application-security-..
• http://wufawei.com/2013/11/ios-application-security-38

Part 2 - Getting class information of iOS apps

http://highaltitudehacks.com/2013/06/16/ios-application-security-part-2-getting-class-information-of-ios-apps/

Part 3 - Understanding the Objective-C Runtime

http://highaltitudehacks.com/2013/06/16/ios-application-security-part-3-understanding-the-objective-c-runtime

Part 4 – Runtime Analysis Using Cycript (Yahoo Weather App)

http://highaltitudehacks.com/2013/07/02/ios-aios-appllication-security-part-4-runtime-analysis-using-cycript-yahoo-weather-app

Part 5 – Advanced Runtime analysis and manipulation using Cycript (Yahoo Weather App)

http://highaltitudehacks.com/2013/07/02/ios-application-security-part-5-advanced-runtime-analysis-and-manipulation-using-cycript-yahoo-weather-app

Part 6 - New Security Features in iOS 7

http://highaltitudehacks.com/2013/07/25/ios-application-security-part-6-new-security-features-in-ios-7

Part 8 - Method Swizzling using Cycript

http://highaltitudehacks.com/2013/07/25/ios-application-security-part-8-method-swizzling-using-cycript

Part 9 – Analyzing Security of iOS Applications using Snoop-it

http://highaltitudehacks.com/2013/08/20/ios-application-security-part-9-analyzing-security-of-ios-applications-using-snoop-it

Part 10 – iOS Filesystem and Forensics

http://highaltitudehacks.com/2013/08/20/ios-application-security-part-10-ios-filesystem-and-forensics

Part 11 – Analyzing Network Traffic over HTTP/HTTPS

http://highaltitudehacks.com/2013/08/20/ios-application-security-part-11-analyzing-network-traffic-over-http-slash-https

Part 12 – Dumping Keychain Data

http://highaltitudehacks.com/2013/08/20/ios-application-security-part-12-dumping-keychain-data

Part 13 – Booting a custom Ramdisk using Sogeti Data Protection tools

http://highaltitudehacks.com/2013/09/17/ios-application-security-part-13-booting-a-custom-ramdisk-using-sogeti-data-protection-tools

Part 14 – Gathering information using Sogeti Data Protection tools

http://highaltitudehacks.com/2013/09/17/ios-application-security-part-14-gathering-information-using-sogeti-data-protection-tools

Part 15 – Static Analysis of iOS Applications using iNalyzer

http://highaltitudehacks.com/2013/09/17/ios-application-security-part-15-static-analysis-of-ios-applications-using-inalyzer

Part 16 – Runtime Analysis of iOS Applications using iNalyzer

http://highaltitudehacks.com/2013/09/17/ios-application-security-part-16-runtime-analysis-of-ios-applications-using-inalyzer

Part 17 – Black-Box Assessment of iOS Applications using INTROSPY

http://highaltitudehacks.com/2013/09/23/ios-application-security-part-17-black-box-assessment-of-ios-applications-using-introspy

Part 18 – Detecting custom signatures with Introspy

http://highaltitudehacks.com/2013/09/26/ios-application-security-part-18-detecting-custom-signatures-with-introspy

Part 19 – Programmatical Usage of Introspy

http://highaltitudehacks.com/2013/10/26/ios-application-security-part-19-programmatical-usage-of-introspy

Part 20 – Local Data Storage (NSUserDefaults

http://highaltitudehacks.com/2013/10/26/ios-application-security-part-20-local-data-storage-nsuserdefaults

Part 21 – ARM and GDB Basics

http://highaltitudehacks.com/2013/11/08/ios-application-security-part-21-arm-and-gdb-basics

Part 22 – Runtime Analysis and Manipulation using GDB

http://highaltitudehacks.com/2013/12/17/ios-application-security-part-22-runtime-analysis-and-manipulation-using-gdb

Part 23 – Defending against runtime analysis and manipulation

http://highaltitudehacks.com/2013/12/17/ios-application-security-part-23-defending-against-runtime-analysis-and-manipulation

Part 25 – Secure Coding Practices for iOS Development

http://highaltitudehacks.com/2013/12/17/ios-application-security-part-25-secure-coding-practices-for-ios-development

Part 26 – Patching iOS Applications using IDA Pro and Hex Fiend

http://highaltitudehacks.com/2013/12/17/ios-application-security-part-26-patching-ios-applications-using-ida-pro-and-hex-fiend

Part 27 - Setting up a mobile pentesting environment with iOS 7 Jailbreak

http://highaltitudehacks.com/2014/01/17/ios-application-security-part-27-setting-up-a-mobile-pentesting-environment-with-ios-7-jailbreak

Part 28 - Patching iOS Application with Hopper

http://highaltitudehacks.com/2014/01/17/ios-application-security-part-28-patching-ios-application-with-hopper

Part 29 - Insecure or Broken Cryptography

http://highaltitudehacks.com/2014/01/17/ios-application-security-part-29-insecure-or-broken-cryptography

Part 30 - Attacking URL schemes

http://highaltitudehacks.com/2014/03/07/ios-application-security-part-30-attacking-url-schemes

Part 31 - The problem with using third party libraries for securing your apps

http://highaltitudehacks.com/2014/03/18/ios-application-security-part-31-the-problem-with-using-third-party-libraries-for-securing-your-apps

Part 32 - Automating tasks with iOS Reverse Engineering Toolkit (iRET)

http://highaltitudehacks.com/2014/03/25/ios-application-security-part-32-automating-tasks-with-ios-reverse-engineering-toolkit-iret

Part 34 - Tracing Method calls using Logify

http://highaltitudehacks.com/2014/04/18/ios-application-security-part-34-tracing-method-calls-using-logify

Part 35 – Auditing iOS Applications With iDB

http://highaltitudehacks.com/2014/10/18/ios-application-security-part-35-auditing-ios-applications-with-idb

Part 36 – Bypassing certificate pinning using SSL Kill switch

http://highaltitudehacks.com/2014/11/03/ios-application-security-part-36-bypassing-certificate-pinning-using-ssl-kill-switch

Part 37 - Adapting to iOS 8

http://highaltitudehacks.com/2014/12/21/ios-application-security-part-37-adapting-to-ios-8

Part 38 - Attacking apps using Parse (Guest Lecture by Egor Tolstoy)

http://highaltitudehacks.com/2015/01/24/ios-application-security-part-38-attacking-apps-using-parse