Presentation: Exploiting Common iOS Apps’ Vulnerabilities

Track: Trust, Safety & Security

Location: Pacific DEKJ

Duration: 10:35am - 11:25am

Day of week: Wednesday

Share this on:

Abstract

Many mobile developers still believe that it’s not possible to extract information embedded inside the application bundle. However, it's not true.  

My area of interest is the reverse engineering of mobile apps. In this talk, I'll walk through some of the most common vulnerabilities on iOS apps and show how to exploit them. All these vulnerabilities have been found on real production apps of companies that have (or don't have) bug bounty program. This talk is useful for those connected with mobile app development or those who do use mobile apps to work with sensitive data.

Speaker: Ivan Rodriguez

Software Engineer @Google

Ivan is an application security researcher with focus on mobile applications. He worked for many years as a mobile developer before changing his career and focusing on application security. Ivan is a Software Engineer at Google by day and a security researcher at night, he has found many vulnerabilities on different mobile applications and reported them through the popular bug bounty platforms HackerOne and Bugcrowd. Ivan tries to give back to the community by sharing most of his findings through blog posts at ivrodriguez.com and open-source tools on his GitHub account.

Find Ivan Rodriguez at

Tracks

Monday, 11 November

Tuesday, 12 November

Wednesday, 13 November