papers.put.as

A collection of papers and presentation slides related to macOS, iOS, and (U)EFI Firmware.

iOS

-=[ Primer on Reversing Jailbroken iPhone Native Applications ]=-

year 2008
by Shub-Nigurrath
at N/A
type paper
hash d7ce8143584bdc93fe94df4b77a6cf7a46074818c0ad077ed05e9dd961aff535

-=[ iPhone Processing ]=-

year 2008
by Steve Whalen
at SANS DFIR Summit
type slides
hash f7e1662214d17c97011162b87d7015acaa1230d78cb23def5dc265a3a209b769

-=[ Fun and Games with Mac OS X and iPhone Payloads ]=-

year 2009
by Charlie Miller & Vicenzo Iozzo
at BlackHat EU
type paper
hash 23de2ace1a58167d432ee218aa265f02c906a6e114cdc9e930285e41fb6a194c

-=[ Patching Applications from Apple AppStore with additional protection ]=-

year 2009
by Reilly
at N/A
type paper
hash e77a8fa323e87e69fb7221fa8aa6d83f6f721f26ef50399e64cc30a7bbc7a1be

-=[ iPhone Rootkit? There’s an App for that! ]=-

year 2010
by Eric Monti
at ToorCon
type slides
hash 4356ad24434c5ea601ddcf22e56746f1c48dee6cc44aa002716ae75c95d92f2d

-=[ iPhone security model & vulnerabilities ]=-

year 2010
by Cedric Halbronn & Jean Sigwald
at HITB
type slides
hash b9946b4d2cea38a83fe146f63b555c67bd67c8cbda3d79e750c9e9d72122e17e

-=[ iPhone Privacy ]=-

year 2010
by Nicolas Seriot
at BlackHat DC
type paper
hash 439d1103ebafb7fe25332f446e4f371c5d9cffb52d1b164284dd666c5f9b9381

-=[ Adding ASLR to jailbroken iPhones ]=-

year 2010
by Stefan Esser
at POC
type slides
hash 7829c8888f6477ec8cd63ce3bd2df8338bc39ba21a41276f6b3e6aaf90bba790

-=[ Penetration Testing for iPhone/iPad Applications ]=-

year 2010
by Kunjan Shah
at N/A
type paper
hash 10e6109b26255ce70b73694163589b57d3f12d6d4f02901224ea342d942bd590

-=[ iNception – Planting and Extracting Sensitive Data From Your iPhone’s Subconscious ]=-

year 2011
by Laurent Oudot
at HITB Amsterdam
type slides
hash 0ef1fad7eeb90a1e1bea56ed915f8cd369f0b887fdb04b45afbf44c38094f6c1

-=[ iPhone Data Protection in Depth ]=-

year 2011
by Jean-Baptiste Bédrune & Jean Sigwald
at N/A
type slides
hash 25552e48b2898133ec6121f86f23c8c28a268cb9ced38d15a36b96f3be74dbd9

-=[ Auditing iPhone and iPad applications ]=-

year 2011
by Ilja van Sprundel
at N/A
type slides
hash 477061ecc010f7925114436c52ea285d930a03f2b8e66e941c8891819f1a80d4

-=[ Practical Consideration of iOS Device Encryption Security ]=-

year 2011
by Jens Heider & Matthias Boll
at N/A
type slides
hash 0cbb3b679c99b0cd0673f069c71c44eb50928dd00153b8dc7c3f4a8cd1752a65

-=[ Apple iOS 4 Security Evaluation ]=-

year 2011
by Dino Dai Zovi
at BlackHat
type slides
hash af73d6693fef42def66d937eadf2415c3ddab7308233603436b5b63f276bc0f7

-=[ Apple iOS 4 Security Evaluation ]=-

year 2011
by Dino Dai Zovi
at BlackHat
type paper
hash 22bc28db103b4ee506643bbefff14be65c57ddf9a6ae27e7199a3f08ec9b9c62

-=[ OVERCOMING iOS DATA PROTECTION TO RE-ENABLE iPHONE FORENSICS ]=-

year 2011
by Andrey Belenko
at BlackHat
type slides
hash e9c69669cee609d66d56a2ec2fc048a74c43a63f7b8ced9441c303d1033afa61

-=[ OVERCOMING iOS DATA PROTECTION TO RE-ENABLE iPHONE FORENSICS ]=-

year 2011
by Andrey Belenko
at BlackHat
type paper
hash 1066634e396a99cc56d0fd93c28cbb578ddf56a78e23d09152e1d0d03870b347

-=[ Exploiting the iOS Kernel ]=-

year 2011
by Stefan Esser
at BlackHat
type slides
hash dc0e6df422dc6bf7b0866c9a592dded49dcc8ca8c19f4421429e39577215a274

-=[ Exploiting the iOS Kernel ]=-

year 2011
by Stefan Esser
at BlackHat
type paper
hash 62a43041d18d4905ada5199f7a8597e0e26ce1b5382cc197e6bd446b8a4a8ac4

-=[ iPhone Exploitation – One ROPe to Bind Them All? ]=-

year 2011
by Stefan Esser
at HITB
type slides
hash 27e44c4a651c9753815d6a5911faad5503085448b8acca9dc7ca34d918b75f26

-=[ iPhone Espionage ]=-

year 2011
by Keith Lee
at SIGINT
type slides
hash 5aa4e7ea29abc43c573867bb0e8efaf502b5d7ceb951e5e63769c23af3ebdb0b

-=[ Antid0te 2.0 – ASLR in iOS ]=-

year 2011
by Stefan Esser
at HITB Amsterdam
type slides
hash f67332158701024c6e09773917b08a4be6ef31cb12febb5c93eab88de826ca3b

-=[ Targeting The IOS Kernel ]=-

year 2011
by Stefan Esser
at SyScan Singapore
type slides
hash 9bcccb54c11e0cc0a2760a040761fda1a832a6859cef1f4284c4fe34a7ac8254

-=[ Baseband Playground ]=-

year 2011
by Luis Miras
at Ekoparty
type slides
hash 53f04e7ee9a754048925e8bd88e9018df509378805d98706798ba2b81de4b451

-=[ Dont Hassle the Hoff : Breaking iOS code signing ]=-

year 2011
by Charlie Miller
at SyScan Taipei
type slides
hash 6c00735b0ca239961159898dde5fb34e0c3a4a6f31299c178d9bf3971dbdceb9

-=[ iOS Kernel Exploitation, IOKit Edition ]=-

year 2011
by Stefan Esser
at SyScan Taipei
type slides
hash bb219e0738ef45bbc32c3d2c150b08374e1814d10a5de2f1df8366d89d892842

-=[ Secure Development on iOS ]=-

year 2011
by David Thiel
at PacSec
type slides
hash 36e8728ba8b54747ee7266326bca9b7faf8337d9c1044b014cbf52b2c48dfed1

-=[ An analysis on iOS Jailbreak ]=-

year 2011
by Huang Heqing
at N/A
type paper
hash f5d05e57390742e6adf392c29979a4f5649d27a0870f99de16e4df3e718c0a65

-=[ An analysis on iOS Jailbreak ]=-

year 2011
by Huang Heqing
at N/A
type slides
hash 240943253bc355dcc50fe0b960cad2baae68d5ca5a17b7495b773c8048a7a166

-=[ Evolution of iOS Data Protection and iPhone Forensics: from iPhone OS to iOS 5 ]=-

year 2011
by Andrey Belenko & Dmitry Sklyarov
at BlackHat Abu Dhabi
type slides
hash aff2a924f97e26e96de8983d9e66cf77668bbf03d9c1931f23fcd39ccf4dc0bf

-=[ iOS applications reverse engineering ]=-

year 2011
by Julien Bachmann
at SCS
type slides
hash 2e114994ce9f47938441c5fc3c1fbfb59ea045dfe6e9ba484be1d7969c61a785

-=[ Apple iPad In the Work Place ]=-

year 2011
by Russ Spooner
at N/A
type paper
hash 2fb5854499fe79eb23aa158b159d2436c11cb67f5adf2372588353dbbffed11d

-=[ Attacking and Defending Apple iOS Devices in the Enterprise ]=-

year 2011
by Tom Eston
at N/A
type slides
hash 25fca5e96d43119648650834fed9cbca25d2d8d5352b64d1d59bef640b093aa9

-=[ Writing secure iOS applications ]=-

year 2011
by Ilja van Sprundel
at N/A
type slides
hash be005ec68a961e3f3f48a96351913eb673f592c863afd62611d467c663f2e1e3

-=[ Rootkit for iPhone & Way To Launch Real attack ]=-

year 2011
by Xu Hao & Chen Xiaobo
at POC
type slides
hash 0fa51bda51502157b57000d6668687f0eeaed39168d1e302fa470b17b39a00c3

-=[ Inside Apple’s MDM Black Box ]=-

year 2011
by David Schuetz
at BlackHat
type slides
hash ad319225f8202c79af499abe67fe021dddcf8a41b21dfad6323ccaa890a3bcae

-=[ Inside Apple’s MDM Black Box ]=-

year 2011
by David Schuetz
at BlackHat
type paper
hash 477e84304dce45f2677b9f195351ef28f3dae5796757eb44632ba48c5c700fb4

-=[ Pentesting iPhone Applications ]=-

year 2011
by Satishb3
at c0c0n
type slides
hash 7671a0ead116c803d10f617376f146931882160836e803fa500af47671d3b322

-=[ Pentesting iPhone & iPad Apps ]=-

year 2011
by Flora Bottaccio and Sebastien Andrivet
at Hack In Paris
type slides
hash 616f17ab32783b16c2e2661c92b7a0754612d209dd80b4f4bd84a0060a524b1f

-=[ NEW AGE APPLICATION ATTACKS AGAINST APPLE’s iOS [AND COUNTERMEASURES] ]=-

year 2011
by Nitesh Dhanjani
at BlackHat Barcelona
type paper
hash 4fbe961ff5cc9b454774943915f625a3049e48d66b3c8940038bb558a8af8b54

-=[ Hacking and Securing Next Generation iPhone and iPad Apps ]=-

year 2011
by Nitesh Dhanjani and Sean Pennline
at Sans AppSec Summit
type slides
hash c8beef0e2b2fd2fe908ade963eb2040b7645b072210380c78e7a9aec0f87248b

-=[ Attacking iPhone & iPad applications ]=-

year 2011
by Sebastien Andrivet
at Soft-Shake
type slides
hash f8e9d40c5a17fb640fd72f2696e1612bf4f1eb761af38f30da6ac326fd7192e2

-=[ Handling iOS encryption in a forensic investigation ]=-

year 2011
by Jochem van Kerkwijk
at N/A
type paper
hash 2fe5ca419276ef4c37dc36ab482d6ba44facb091aa882b3fb3756467d3e7f089

-=[ iOS Forensics: Overcoming iPhone Data Protection ]=-

year 2011
by Andrey Belenko
at N/A
type slides
hash ff7a5edaf6a50a5c9908ab235da51628cb0629c4bb9296607cc76ab7e2a5a3e4

-=[ IPhone backup files. A penetration tester’s treasure trove? ]=-

year 2011
by Darren Manners
at N/A
type paper
hash 6f835561737dbbffcfbcd5bbb2fd6118e36171703bbaafc7a6e8854be14c3d53

-=[ iPhone Forensics with F/OSS ]=-

year 2011
by ViaForensics
at N/A
type slides
hash 005c39b9b5ce08110a845e3550eb51928fd3e8f3041325c62c0f8f8e6aac295b

-=[ iOS Forensics ]=-

year 2011
by Sean Morrissey
at SANS DFIR Summit
type slides
hash 09c2c9f1209ba95680f1b960cbbfeaf9055e13623374684bb05d7fa997f98d08

-=[ iOS5 An Exploitation Nightmare? ]=-

year 2012
by Stefan Esser
at CanSecWest
type slides
hash 66a4d3c1e05d26915d8b3f8d4f79419a407a14c4761614cf1ba1fdebba55205f

-=[ iOS Application (In)Security ]=-

year 2012
by Dominic Chell
at OWASP Ireland
type slides
hash b2e1126062a3ccabbc879743bd554e1096aea808bcededc4a2774946c6732ddb

-=[ iOS Application (In)Security ]=-

year 2012
by MDSec
at N/A
type paper
hash 6d21745d30cb02ac889da76d17685954fb44b4db38c8b82d9043b616e62de299

-=[ iOS Applications – Different Developers Same Mistakes ]=-

year 2012
by Paul Craig
at SyScan Singapore
type slides
hash 584e3f9234dba2b7dc6130a3fc3cb8cbdd45af7e57d66f8e3636d53330393c2c

-=[ iOS Kernel Heap Armageddon ]=-

year 2012
by Stefan Esser
at SyScan Singapore
type slides
hash 6fd27d6ac2697b9746cb5619954a5721d51434cb68832907d4bd34b3c7014408

-=[ Evaluating iOS Applications ]=-

year 2012
by MDSec
at OWASP Manchester
type slides
hash 6f866d4510885f551651817512a411a6ead47286a429e6d29c153bbbaab382f5

-=[ Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? ]=-

year 2012
by Andrey Belenko & Dmitry Sklyarov
at BlackHat EU
type slides
hash ae81e9e5817eac31baec34c237016bde803181d7b102ce95ffc765f3e702ab50

-=[ Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? ]=-

year 2012
by Andrey Belenko & Dmitry Sklyarov
at BlackHat EU
type paper
hash a8c9aadc375942f9cf500b594d2873c51ab3286578773a349c0ea94f47331987

-=[ Corona Jailbreak for iOS 5.0 ]=-

year 2012
by Jailbreak Dream Team
at HITB Amsterdam
type slides
hash c669af2acd898f4c65c0d00e1da77e7fe88c6bba981a60c24ce6ebe8fc9748c1

-=[ Corona Jailbreak for iOS 5.0.1 ]=-

year 2012
by Jailbreak Dream Team
at HITB Amsterdam
type slides
hash 82c50f86af398eb7ee24e497a909fc7439f2072b086611f227e143ecab472e3f

-=[ Absinthe Jailbreak for iOS 5.0.1 ]=-

year 2012
by Jailbreak Dream Team
at HITB Amsterdam
type slides
hash cb6804579f18ef96b10fe9b4cfb99048061dc7c3dd22266489e90f5baa3dc01c

-=[ iOS 6 Security: A Hacker’s Guide ]=-

year 2012
by Mark Dowd & Tarjei Mandt
at HITB
type slides
hash ff4025631bceaa26fdbce51877b7dd4f7d290698fce6d500f7d4d190d48c45af

-=[ Find Your Own iOS Kernel Bug ]=-

year 2012
by Xu Hao & Xiabo Che
at POC
type slides
hash 3cbc098e63bb7ca4f737e39bb0806015f9be7ae418cf51dae6ebabe063223801

-=[ Practical iOS Apps hacking ]=-

year 2012
by Mathieu Renard
at GreHack
type paper
hash c0203b18a05e3d0748943c5aedd3037782f1ae400a5d68816878e12d443af660

-=[ Defending Data on iOS ]=-

year 2012
by Securosis, LLC
at N/A
type paper
hash 623bc397d29312470083649804c4400b497e4ea401d5be8b98ae7162e124b270

-=[ Jailbreaking Techniques ]=-

year 2012
by pod2g
at WWJC
type slides
hash 3c8e9374d43b6f7d77c2234d287796257e564be8bb45e379019ead16a746ca90

-=[ Downgrading iOS: SHSH Blobs & APTickets ]=-

year 2012
by iH8sn0w
at WWJC
type slides
hash 5cd2540bf620edf05ab55873bf4c3550ddba38c8afc34774b7bb912ee65a589b

-=[ A Close-Up on Jailbreaking and Tweak Development ]=-

year 2012
by Nokias Bassen
at WWJC
type slides
hash 305e9665f090a171bd1acbbb056b22eddf2cf75dc8293a4351c15550819963ff

-=[ iOS applications auditing ]=-

year 2012
by Julien Bachmann
at AppSec Forum
type slides
hash 50218eea557b686604f8405933af7f3bab51f9504bbbc7b76755eeb2d0f7fa40

-=[ Pentesting iOS Apps: Runtime Analysis and Manipulation ]=-

year 2012
by Andreas Kurtz
at DeepSec
type slides
hash 6304f4b30a71fab2a871daa1927e97f2d1cbd61a7cd1d26ead7fff38de23fbd8

-=[ Practical iOS Apps hacking ]=-

year 2012
by Mathieu Renard
at GreHack
type slides
hash 63aa0682a66785f687a445749a35b04d630815e3624a1cd8b60d95e8e3f4250d

-=[ Hacking iOS Applications ]=-

year 2012
by Mathieu Renard
at Hack.lu
type slides
hash a6a16a764e460f71f1f7440b664bc89d18636a9b509aee07e0dd1fce255cbe6d

-=[ The Dark Art of iOS Application Hacking ]=-

year 2012
by Jonathan Zdziarski
at BlackHat
type slides
hash 3f12f3d4fc10ca1aea25939704359960857bd7b4423904048dd65e1864e0bfd2

-=[ Attacking the iOS Kernel: A Look at ‘evasi0n’ ]=-

year 2013
by Tarjei Mandt
at NIS
type slides
hash 0ba33dc64a9eb41bc16a7a9e48636dc7486b9d56de26d24c3d871f553288c8e7

-=[ Swiping Through Modern Security Features ]=-

year 2013
by evad3rs
at HITB Amsterdam
type slides
hash 8a506929f49af48b4a19ae855a6b7d83536fcb4a56f0e6da9f1fa1618ac8a322

-=[ Blackbox analysis of iOS apps ]=-

year 2013
by Dmitry Evdokimov
at ZeroNights
type slides
hash fe7523c0de6118a046b78e64437cf59a19e789229d6e3ec7094fbe24499fcfce

-=[ How to assess and secure iOS apps ]=-

year 2013
by NCC Group
at 44Con
type slides
hash 704c6c12193d6b95220f6242a413ff46decb69a47deb235da31ce0a9f91cea2a

-=[ Tales from iOS 6 Exploitation and iOS 7 Security Changes ]=-

year 2013
by Stefan Esser
at SyScan360 Beijing
type slides
hash aa554066fa178aac334abe8b741d609dc4e01c6690caffe290042f7505a6ad05

-=[ Tales from iOS 6 Exploitation and iOS 7 Security Changes ]=-

year 2013
by Stefan Esser
at HITB
type slides
hash 35742e71ba721d5d04ad92336581bae0e32518d6edc5e96e98fdb06af79f807f

-=[ iMessage Privacy ]=-

year 2013
by pod2g & gg
at HITB
type slides
hash 1d393756fa8bae533391b4947fd4491f3e2b080d883670e861fd3504ee9ebdda

-=[ SHAttered Dreams - Adventures in BootROM Land ]=-

year 2013
by posixninja
at HITB
type slides
hash b52768a617c5e60708b630469b63aabb50368358f79036040bf797dd8d48ffd6

-=[ Modern smartphone forensics ]=-

year 2013
by Vladimir Katalov
at HITB
type slides
hash ba803dfdf1fa1ff08044023da4d9195edf00dbdf4aaf953ad472d39c4ce1f805

-=[ fuzzyDuck.sh - iOS Fuzzin Wrapper Script ]=-

year 2013
by isa56k
at N/A
type slides
hash 00156f830b9161e2fbe51a9cb17caff77012a456b8d90b87f4b4ffbd86017cbd

-=[ Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots ]=-

year 2013
by Andreas Kurtz, Felix Freiling, Daniel Metz
at N/A
type paper
hash e3ad95387610b5a1c43bbcf6ce716cc85296bf87179212b9efdbe8af82ff1e4d

-=[ Introspy - Security Profiling for Blackbox iOS and Android ]=-

year 2013
by Marc Blanchou & Alban Diquet
at Ruxcon
type slides
hash 182a86d4137c96ceb56f85e4a1f66add5d554138d25872617f9edd6dc40150c2

-=[ iOS 6 exploitation 280 days later ]=-

year 2013
by Stefan Esser
at CanSecWest
type slides
hash ec225390c392039c58bb87a1e36d04285c18a7a0535634e47c66ea2f4ebd93bc

-=[ Mactans: Injecting Malware into iOS Devices via Malicious Chargers ]=-

year 2013
by Billy Lau, Yeongjin Jang, Chengyu Song
at BlackHat
type slides
hash 66755c8b04c162099b9947e6f82fddce2689f25c389d47d57329bf3a6f68f614

-=[ Mactans: Injecting Malware into iOS Devices via Malicious Chargers ]=-

year 2013
by Billy Lau, Yeongjin Jang, Chengyu Song
at BlackHat
type paper
hash 6a007d916025970e318c3f4f3d5ae1fe6e2809fbf6d7e8438db02e10f21a043d

-=[ Penetration Testing for iOS Applications ]=-

year 2013
by ShadowLabs
at OWASP
type slides
hash 8988e79c5f33c3fcfe72871a05142adb2caa609d22f6e00bc2d55abdc91d50b7

-=[ Hacking apple accessories to pown iDevices - Wake up Neo! Your phone got pown! ]=-

year 2013
by Mathieu Renard
at HES
type slides
hash f4c1a43a92e8495b2faabba22660448e8b2985a60a752f84bdebedca37333edb

-=[ iOS Debugging ]=-

year 2013
by Dawid Planeta
at N/A
type slides
hash 98208ecd0334e8a25a4136c10b954284a0990e549481dd2cdf70a4746b2f392c

-=[ Advanced iOS Application Pentesting ]=-

year 2013
by Vivek Ramachandran
at BlackHat EU
type slides
hash e441c1687c8beab8e0bc415e305ce17f0637d5ab3efe92ff0786bea14312cbc4

-=[ Acquisition and Analysis of iOS Devices ]=-

year 2013
by Mattia Epifani
at SANS Forensics Prague
type slides
hash a68a822306a5bd5d25973fdbcebd1b6752ebcf37216c72e37db5bd79dfa0fe6a

-=[ Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ]=-

year 2014
by Jonathan Zdziarski
at HOPE/X
type slides
hash b916f6cb20392c9b3e93fcf6a47a142131775f674326c162a033deaf34c10490

-=[ Reversing iOS Apps – a practical approach ]=-

year 2014
by Patrick Wardle
at T2
type slides
hash 53ae76a1df0f2bf7047f67cb744c40aed55748dbe83c595f663ac502bb5baa25

-=[ Exploiting Unpatched iOS Vulnerabilities for Fun and Profit ]=-

year 2014
by Various Authors
at N/A
type slides
hash 14936b2b2984266b5c4db1bb32674842c5d5d9db6b1feed783a82e562c766ea2

-=[ idb – iOS Blackbox Pentesting ]=-

year 2014
by Daniel A. Mayer
at ShmooCon
type slides
hash 25058c3e40c551f71e7b05191ad6d3a3d9492c281a330eb2143f78d1c8fd794e

-=[ Exploring and Exploiting
iOS Web Browsers ]=-

year 2014
by Lukasz Pilorz, Marek Zmyslowski
at HITB Amsterdam
type slides
hash 4b7762a65025810a60c847816024b5bc9440a12362368aa4c190ead1fa39ae69

-=[ Revisiting iOS Kernel (In)Security: Attacking the Early Random PRNG ]=-

year 2014
by Tarjei Mandt
at CanSecWest
type slides
hash 52ccd025f06783af08907b4f852980c01d4cabbf0dbeb466fa60beb513a722c7

-=[ Revisiting iOS Kernel (In)Security: Attacking the Early Random PRNG ]=-

year 2014
by Tarjei Mandt
at CanSecWest
type paper
hash 015d1fd64701018f47c47ce3f75ec116547f2b46a7ae4b2480a3275ba0a53305

-=[ DiOS: Dynamic Privacy Analysis of iOS Applications ]=-

year 2014
by Andreas Kurtz, Andreas Weinlein, Christoph Settgast, Felix Freiling
at N/A
type paper
hash 27fde8cb97465ce7fa75c29bb1dd8b57d3ef33f521c63467d40319e4d6a65dcb

-=[ iOS Apps reversing - a practical approach ]=-

year 2014
by Patrick Wardle
at Source Boston
type slides
hash 83c5f814621387a1c21ea83510149c64f371cd4c201becd3872737d4b4cbb63e

-=[ Mobile Browsers Security: iOS ]=-

year 2014
by Lukasz Pilorz, Pawel Wylecial
at SyScan360
type slides
hash d8d02a256b9063e308ed67f7b3cb65dd79423411fcacd6b4e52955f2b1001fee

-=[ iOS 678 Security
– Study in Fail ]=-

year 2015
by Stefan Esser
at SyScan Singapore
type slides
hash e9c162fbb42e12fa129859a4c22e60cb0784fab1f14fcc46a2c91cf0ec633271

-=[ Optimized Fuzzing IOKIT in iOS ]=-

year 2015
by Lei Long
at BlackHat
type slides
hash f0611e88d889f45c925da4d42dd096f91867593258c60b39095f8cef6204f6e3

-=[ Optimized Fuzzing IOKIT in iOS ]=-

year 2015
by Lei Long
at Blackhat
type paper
hash 10f0ebc7b0c3d5dd1d6046570486b14a830b3ad961fd2aa86b973a2f544f4a40

-=[ Review and Exploit Neglected Attack Surface in iOS 8 ]=-

year 2015
by Pangu Team
at BlackHat
type slides
hash f577e46b7e7319c37393a6fca53fd27c17df0504c347016aed7615016264dfea

-=[ Hacking from iOS 8 to iOS 9 ]=-

year 2015
by Pangu Team
at Ruxcon/POC
type slides
hash 30979183c0dcc105a4349b1ec46bb91d32b8b9896b7359e7559ac1dd71d763fb

-=[ The Userland Exploits of Pangu 8 ]=-

year 2015
by Pangu Team
at CanSecWest
type slides
hash c80d36853ca8e631cf59f1afd14401dd4b5d39fb187ae6a7bad8c34d6d0cd634

-=[ death of the vmsize=0 dyld trick ]=-

year 2015
by Stefan Esser
at SyScan Singapore
type slides
hash 2c211ecda6d1230e851a4cc1a64c8b8ff3f65fa10b2ed46db8fd93d5f9ca63d0

-=[ Giving Mobile Security the Boot ]=-

year 2016
by Jonathan Levin
at N/A
type slides
hash c68497617c276e102ec1fe992920787364afdab1393ede84db1f4533d2fd0701

-=[ Fruit vs Zombies: Defeat Non-jailbroken iOS Malware ]=-

year 2016
by Claud Xiao
at Shakacon
type slides
hash d3efd7c969a4607699e96dd6da1eca0ef223eb92c7f2581005cf7c75c41948e7

-=[ Demystifying the Secure Enclave Processor ]=-

year 2016
by Tarjei Mandt, Mathew Solnik, David Wang
at BlackHat
type slides
hash 880fc21b4549b9ad417b1bbb8b0c29bd86c472d13a7f924c8641b2a13a585d4d

-=[ Pangu 9 Internals ]=-

year 2016
by Tielei Wang, Hao Xu, Xiaobo Chen
at BlackHat
type slides
hash f2d712305d1993de7ff312a6639c68874db5d259349b3f048ff14212f0370fe7

-=[ Pangu 9 Internals (BH site version) ]=-

year 2016
by Tielei Wang, Hao Xu, Xiaobo Chen
at BlackHat
type slides
hash 1cf6b4473687270946e65cf268f4ac7db9e4132e17bc59a443fcc634564fe9b2

-=[ Behinde the Scenes with iOS Security ]=-

year 2016
by Ivan Krstic
at BlackHat
type slides
hash 417434fbd677df115cde90dbdc86328dea796162fe62d08fbb89ef65df094cce

-=[ iOS 10 - Kernel Heap Revisited ]=-

year 2016
by Stefan Esser
at HITB GSEC
type slides
hash 3828483488f036c31b91b25c991b10cb1d539684bba4bb4fdc2a6e2016224d60

-=[ Technical Analysis of the Pegasus Exploits on iOS ]=-

year 2016
by Max Bazaliy
at n/a
type paper
hash 73ee15d1b99100557202f7f3af40c1951c64e406f94444878fc58895fc03dc9d

-=[ SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles ]=-

year 2016
by Luke Deshotels, Razvan Deaconescu, Mihai Chiroiu, Lucas Davi, William Enck,Ahmad-Reza Sadeghi
at n/a
type paper
hash 1bec5d73d24a4557dc89a3f8c2f738933fba87bca53f7ad5a9837d9ed5d7366c

-=[ Pegasus Internals ]=-

year 2016
by Max Bazaliy
at 33c3
type slides
hash bcc34eaccf22328a5bfd6b41da2a58bdddbdbdb1d4485bd26558e81cdd828fb7

-=[ The bumpy road towards iPhone 5c NAND mirroring ]=-

year 2016
by Sergei Skorobogatov
at n/a
type paper
hash 6daa3dc0a138dbf649444564bb459ad1f8c2f78242c56d84c638e66bc81517ff

-=[ Mobile Espionage in the Wild - Pegasus and Nation-State Level Attacks ]=-

year 2016
by Max Bazaliy, Seth Hardy, Andrew Blaich
at BlackHat Europe
type slides
hash 608ca122bd68c929e4f09a5862f54018e2dbc5f8b03b44ee435baacae07f89e7

-=[ The iOS of Sauron: How iOS Tracks Everything You Do ]=-

year 2016
by Sarah Edwards
at n/a
type slides
hash d996e047abf4d6fc95159cf9a18ca38d524bd61c89c9d916b64252c9b927071b

-=[ iOS FORENSICS: WHERE ARE WE NOW AND WHAT ARE WE MISSING? ]=-

year 2016
by Mattia Epifani & Pasquale Stirparo
at SANS EU Digital Forensics
type slides
hash 764ef4f6246a9867f7f9550b0fb870f99322e1c0c36507cb37cbaf256c858628

-=[ The iOS of Sauron: How iOS Tracks Everything You Do ]=-

year 2016
by Sarah Edwards
at n/a
type slides
hash caa60781899d8508df4c75f6dd5f1553336c3b1baf94481dc55132696a7aeebb

-=[ The incident response playbook: For Android and iOS ]=-

year 2016
by Andrew Hoog
at n/a
type slides
hash eb809d6bcb8756c841e748f283ea6138bfd8c9f76d7a78d9c711cd8a7893ef30

-=[ Revisiting the Kernel Security Enhancements in iOS 10 ]=-

year 2017
by Liang Chen
at MOSEC
type slides
hash e94411f547cd6f4d25b5a3122d05e22a71bb3049d607fb004072fb97da5260c5

-=[ Mobile Threat Intelligence Report - 10 YEARS OF (HACKING) IOS ]=-

year 2017
by Skycure
at n/a
type paper
hash 46a16fbfc17bb05cdbc3093b127f73414e1804a331cd08561c7674d13c1ad00b

-=[ Through the mach portal ]=-

year 2017
by Ian Beer
at n/a
type slides
hash d8d32287744a8265dd8f49c3e37a20c7b3243474a4cd2c41dd11518f7d559301

-=[ A Look at Modern iOS Exploit Mitigation Techniques ]=-

year 2017
by Luca Todesco
at MOSEC
type slides
hash 96e46d95476a9457a3e440969f5d6415bf28793395fa83f6467c644c59827471

-=[ Fried Apples: Jailbreak DIY ]=-

year 2017
by Max Bazaliy, Alex Hude, Vlad Putin
at BlackHat
type slides
hash 30c14f95046eef0e99dc2e4d9654edce38c74b2ea18ae95bda93f2bf8be4837e

-=[ Jailbreaking Apple Watch ]=-

year 2017
by Max Bazaliy
at Defcon
type slides
hash 7eaf6866aace1077df9dc9647f7082741967ea677e83cee0de364b92c2fee7b0

-=[ Ro(o)tten Apples ]=-

year 2017
by Adam Donenfeld
at BlackHat EU
type slides
hash 68867ea2489371535e0e2d0924499c8f8e787ec720bed1494a3f2cb4cbd2c4bd

-=[ Port(al) to the iOS Core ]=-

year 2017
by Stefan Esser
at CanSecWest
type slides
hash 3a35aac7dc2a3e97188ab8465d6f78589948d82887e696ae844d6f0a02ad800c

-=[ 5 minutes with the MacOS/iOS Zone Allocator ]=-

year 2017
by Stefan Esser
at WhiskeyCon
type slides
hash 506856d8e278ffc5a035e79635b15a7d82bb8706301c42ec752e18e01aabf1fc

-=[ iOS/macOS 0-day^w48-hours ]=-

year 2018
by Eloi Vanderbeken
at BeeRumP
type slides
hash 96590fc753ec168aa104576c63d8c2750c317ad9b9425db0011ef60f1b038d74

-=[ Friends! CountryMen! Lend me your task port! ]=-

year 2018
by Jonathan Levin
at HITB
type slides
hash a8cfa0cc6e5b001d7eea8f9bb56148bc5b44ed90e1c3734eb0c282277776c53d

-=[ Eat the core of an Apple: How we analyze and find bugs in macOS and iOS kernel drivers ]=-

year 2018
by Xiaolong Bai and Min(Spark) Zheng
at HITB
type slides
hash 6a21d14432312f276a46b2cfb98161a507bc48400899551ca7d76585b5808d27

-=[ The HIDeous parts of IOKit ]=-

year 2018
by Siguza
at Zer0con
type slides
hash 8077ef82b50ef93f75146a55bf584af492df655621475264d5913329b3a2ffcb

-=[ build your own iOS kernel debugger ]=-

year 2018
by Ian Beer
at n/a
type slides
hash 9a65ad8c8039666fadfb62749643ec7a5de657c75942cbc61c387240501b5cda

-=[ Look at The XNU Through A Tube CVE-2018-4242 Write-up ]=-

year 2018
by Zhuo Liang
at n/a
type paper
hash 393225f43da9ca6264cd24f87f2a33c14116befa8890ac6a4e053987b766c8bc

-=[ The Path to EL1 in iOS 11 ]=-

year 2018
by Ian Beer
at BlackHat
type slides
hash c36718a8911a18f47ba6275ecb8c28feb8dd9cfd11e314ec357d97a1bc7334c4

-=[ The Path to EL1 in iOS 11 (with speaker notes) ]=-

year 2018
by Ian Beer
at BlackHat
type slides
hash d824d2639fa948f5c34b5175e27d8078a43ef1765a7f009117e771519528abbc

-=[ Fasten your seatbelts: We are escaping iOS 11 sandbox! ]=-

year 2018
by Min(Spark) Zheng & Xiaolong Bai
at Def Con 26
type slides
hash 43dd5855c153d156f1a496caa97187031d72df3b54022a50527ad4670f982ff9

-=[ Where’s My Browser? Learn Hacking iOS and Android WebViews ]=-

year 2018
by David Turco & Jon Overgaard Christiansen
at Def Con 26
type slides
hash 197da59f52b8f56a393f30a43bb87b9446598b339ae24fcfb66a896c78175f18

-=[ The last line of defense: understanding and attacking Apple File System on iOS ]=-

year 2018
by Xiaolong Bai
at BlackHat EU
type slides
hash b5ab011e42e8ee15110db7d72e83925e0e47dd82107eafb9c837b30bca6a8632

-=[ Eternal War in XNU Kernel Objects ]=-

year 2018
by Min(Spark) Zheng, Xiaolong Bai, Hunter Qu
at BlackHat EU
type slides
hash 29fd87c0644df788151ae563585c5dbcfa7449fe9aa23a154281b552e3ce5bea

-=[ Automated Evaluation of Access Control in the iPhone Operating System ]=-

year 2018
by Luke Alec Deshotels
at n/a
type thesis
hash 51921f379eacd1dda7f84bc2865d5fd83914de7a731c72b507983da444e2987d

-=[ iOS War Stories ]=-

year 2018
by Marco Grassi & Liang Chen
at Infiltrate
type slides
hash 75ce0d7dd23a4e7dc64ddb7d80b323ea93b5bbfd84fd52008f5413e621c1a85e

-=[ A Forensic Exploration of iOS Health Data ]=-

year 2018
by Sarah Edwards & Heather Mahalik
at SANS DFIR Summit
type slides
hash 90fda02c343ce937ede2a8f32725ec8f71cd342168ffb8e5ca8deae386c16082

-=[ vs com.apple.security.sandbox ]=-

year 2019
by Patroklos Argyroudis
at CanSecWest
type slides
hash 745f1a53fd8937077f92e16ee85037fe4b759b6ee494f6f30502919d992da1f1

-=[ The hidden gems of iOS ]=-

year 2019
by Corellium
at BlackHat
type slides
hash 0446ffe321878b380cf7ab8ee8adbee039eba9e401bce1c8d2ad1754f84bc019

-=[ Life as an iOS Attacker ]=-

year 2019
by Luca Todesco
at BlueHat IL
type slides
hash 37954c509cf0151243601d58b1dbb0be885a4638f74700843da02d0a63a3deb6

-=[ Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime ]=-

year 2019
by Tao Huang and Tielei Wang
at BlackHat
type slides
hash e908f8db5d1dddb3bc17cec1816c0628bbf818b5787d092b082c7b9acf365287

-=[ Look, No Hands! The Remote, Interaction-less Attack Surface of the iPhone ]=-

year 2019
by Natalie Silvanovich
at BlackHat
type slides
hash 07f661f9c7d05f5696b80be0b503bf1de7c7bc4c29e933fe197df00b3ca0290f

-=[ Attacking iPhone XS Max ]=-

year 2019
by Tielei Wang and Hao Xu
at BlackHat
type slides
hash e226c48a05ab0ceec27b79d7749360b79a0805aab3c2ce36577b963be646f332

-=[ All Your Apple Are Belong To Us: Unique Identification and Cross-device Tracking of Apple Devices ]=-

year 2019
by Min(Spark) Zheng, Xiaolong Bai, Hunter Qu
at BlackHat
type slides
hash 407e70500c32d89fd576dea6f54d1d315f3b4eccb821ba22c177431e58320a67

-=[ Seeing Inside The Encrypted Envelope ]=-

year 2019
by Natalie Silvanovich
at REcon
type slides
hash 5fb1802f33d05acf2a83a59a69b067a7ce4e81983a0d8655803b0d0c712fa628

-=[ WEN ETA JB? A 2 million dollars problem ]=-

year 2019
by Eloi Benoist-Vanderbeken, Fabien Perigaud
at SSTIC
type slides
hash a928b585317f5ec02b332409947a5aa4b2f110948553ec35f5fc86f6120fef72

-=[ WEN ETA JB? A 2 million dollars problem ]=-

year 2019
by Eloi Benoist-Vanderbeken, Fabien Perigaud
at SSTIC
type paper
hash d6ebd114267f00a7979f0439f2e89073ff5381cec39834410ad3379445125c37

-=[ Totally Not Spyware: Jailbreaking from the Browser ]=-

year 2019
by Ben Sparkes
at TyphoonCon
type slides
hash 12291a5c93fc9fc46c3ebe4113113cb1db9afaa21c69ea6cb818e325e2a51210

-=[ voucher_swap ]=-

year 2019
by Brandon Azad
at TyphoonCon
type slides
hash 7efd5fd00bb1524d175ddba26fda897952b799d9588629495fc4c6c64e415c8f

-=[ Recreating an iOS 0-day jailbreak out of Apple’s security patches ]=-

year 2019
by Stefan Esser
at HITB
type slides
hash 9dd5c03f8c0e5776babeaf769644d3a2eedc2749834c30a9e0d227f7cc908e91

-=[ A few JSC tales ]=-

year 2019
by Luca Todesco
at BaijiuCon
type slides
hash 06461a35212c4e04d2061498e3cea76b1143ecb16c736d45cadc3afba2689039

-=[ Forensics of iOS CarPlay and Android Auto ]=-

year 2019
by Sarah Edwards & Heather Mahalik
at SANS DFIR Summit
type slides
hash b9089e47c85b89d4bcc8aeb711c25f361128fb0f5afe4604bdc939cbf3bc317f

-=[ Evolution of iOS mitigations ]=-

year 2019
by Siguza
at TyphoonCon
type slides
hash dd240236696c3e679ebdd621f5910cbc7428d42de90abeee2b8f947f1e6f857c

-=[ The One Weird Trick SecureROM Hates ]=-

year 2019
by Luca Todesco
at POC
type slides
hash 7a783101b8b5c55efa07de0b541bcfc9866765f7bceff4d1732bfdd6b0d050a0

-=[ Exploiting IOSur􏰽􏰾face 0 ]=-

year 2019
by Liang Chen
at POC
type slides
hash 1f0ef1832bc33d85e03957646dcd0a4102c6be07403d273c58ef3feff80fcc53

-=[ Simplifying iOS Research: Booting the iOS Kernel to an Interactive Bash Shell on QEMU ]=-

year 2019
by Jonathan Afek
at BlackhatEU
type slides
hash 9c1392b1747dd04afd46df558212388b2b5de9beadaad8d37bd24677ae22ba2e

-=[ Running iOS in QEMU to an interactive bash shell (1): tutorial ]=-

year 2019
by Jonathan Afek
at BlackhatEU
type paper
hash 974c591a98d13940fa05d92698f429c4325291779897b2518feee9531f8a7da0

-=[ KTRW - The journey to build a debuggable iPhone ]=-

year 2020
by Brandon Azad
at Objective by the Sea
type slides
hash 72d18014492b0bf7272451b1da6f83a68d08b9e2128ea9b0f2a6a217770d1e93

-=[ iMessage Exploitation Remotely Compromising an iPhone over iMessage ]=-

year 2020
by Samuel Groß
at Objective by the Sea
type slides
hash adc73919f9ea88476dc75e4033b9dcfb3702484b66ce6026e1397d73d99c4d7d

-=[ tvOS-Checkra1n ]=-

year 2020
by Kevin Bradley
at Objective by the Sea
type slides
hash 7443fb979508d791a225472d3165fa271c25e285d5ea5616cb4ddd0c949837a5