Skip Main Navigation
Page Content
This event has ended

iOS Runtime Breach Arts

Jonathan Zdziarski

Tuesday, January 22, 2013 from 8:00 AM to 4:00 PM (EST)

Ticket Information

Ticket Type Sales End Price Fee Quantity
Active Duty Law Enforcement
Active Duty Law Enforcement or Military Personnel. Verification is required in order to secure this price. After ordering, please send an email containing your credentials so that we may verify your law enforcement status.
Ended $1,999.00 $9.95
Private Sector, NGO
Private sector corporations, agencies without arrest and seizure powers, and all other NGOs.
Ended $2,999.00 $9.95

Who's Going

Loading your connections...

Share iOS Runtime Breach Arts

Event Details

When forensically sound imaging techniques fail, it may be possible to breach some target applications from the operating system's runtime in an effort to recover evidence. In dealing with matters related to preservation of life or national security, breaching an application can sometimes yield useful data. This course teaches the art of breaching the runtime of iOS applications in order to attack the application itself. These techniques are similar to those used by malicious hackers to attack applications in order to break encryption, steal data, and harm users.

The techniques taught in this class are not forensically sound.

Come and learn the techniques Jonathan taught at Black Hat this year, and much more. In this class, you'll learn: 

  • How to manipulate the runtime of applications on a target device to assist in law enforcement investigations involving loss-of-life or national security, when all other forensic techniques fail. 
  • Work with classroom examples of malware to see how an attacker can transparently infect and steal application data, surveil user activity, and access encrypted documents in the background of a device while being used by an unsuspecting user. 
  • Identify common vulnerabilities in real-world applications and how attackers can take advantage of these through a number of attack techniques to break through security, hijack sessions, and steal user data. 
  • Manipulate the runtime environment of running applications to access data, bypass program logic and override many security mechanisms. 
  • Techniques attackers use to infect applications with malware through code injection. 
  • Discover how attackers defeat iOS keychain, file system, and data-protection encryption to steal encryption keys, passwords, and infect a device without necessarily breaking the passphrase 
  • Attack processes to inject code and manipulate the runtime environment of Objective-C application, in many cases without detection 
  • Redirect networking traffic and intercept SSL encrypted traffic 

Join us as Jonathan Zdziarski, author, forensic scientist, and iOS security expert, leads your organization's red teams, penetration testers, and top-level forensic investigators through the dark world of attacking iOS applications. Learn hands-on how attackers can infect and manipulate your code to bypass program logic, eavesdrop on communications, bypass many forms of security, and steal data from your users. 


This is a very hands-on, highly technical course that is ONLY recommended for those with knowledge of the Objective-C programming language, and are familiar with the architecture of iOS applications. Knowledge of C and Unix is strongly recommended. 


This is a Mac-only course. Be sure to bring an Intel-based Mac notebook and a jailbroken iPhone or iPad to simulate the work environment of an attacker, if you would like to learn hands-on. 

    • Mac OS X Lion or Mountain Lion, on an Intel-Based Mac
    • A full development environment including Xcode, gcc, gdb, etcetera
    • A jailbroken iPhone or iPad (ideally running firmware 5.X, to keep everyone on the same page) to demonstrate a number of different types of attacks. (Jailbroken access to the device will be used to simulate the tools an attacker would use to attack your applications)

Don't miss the opportunity to have your personnel trained by the leading expert in iPhone forensic examination. Contact us for pricing and booking information today, as dates are limited.

Have questions about iOS Runtime Breach Arts? Contact Jonathan Zdziarski

When & Where


NYPD Training Academy
235 E 20th St
Room 513
New York, NY

Tuesday, January 22, 2013 from 8:00 AM to 4:00 PM (EST)


  Add to my calendar

Organizer

Jonathan Zdziarski

Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field (sometimes known as the hacker "NerveGas"), Jonathan's research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States' National Institute of Justice. Jonathan has extensive experience as a forensic scientist and security researcher specializing in reverse engineering, research and development, and penetration testing, and has performed a number of red-team penetration tests for financial and government sector clients. Jonathan frequently consults with law enforcement agencies on high profile cases and assists federal, state and local agencies in their forensic investigations, and has trained many federal, state and local agencies internationally. Also an author for O'Reilly Media, Jonathan has written several books related to the iPhone including iPhone ForensicsiPhone SDK Application DevelopmentiPhone Open Application Development, and his latest book, Hacking and Securing iOS Applications.

  Contact the Organizer

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.