IOS安全学习资料汇总（1）IOS安全学习网站收集：https://samdmarshall.comhttps://www.exploit-db.comhttps://reverse.put.ashttps://highaltitudehacks.com/security/https://www.dllhook.com/http：///www.securitylearn.net/archives/https://securitycompass.github.io/iPhoneLabs/index.htmlhttps://security.ios-wiki.comhttps://www.opensecuritytraining.info/IntroARM.htmlhttps：//truesecdev.wordpress.com/https://resources.infosecinstitute.com/ios-application-security-part-1-setting-up-a-mobile-pentesting-platform/https://esoftmobile.com/2014/ 02/14 /ios-security/https://bbs.iosre.comhttps://bbs.chinapyg.comhttps://blog.pangu.io/https://yonsm.net/http：//nianxi。净/https://cocoahuke.com/https://blog.0xbbc.comhttps://blog.imaou.com/https://github.com/pandazheng/iOSAppReverseEngineeringhttps://drops.wooyun.orghttps://bbs.pediy.comhttp：//www.blogfshare.com/https://github.com/michalmalik/osx-re-101https://blog.qwertyoruiop.com/https://github.com/secmobi/wiki.secmobi.comhttp：//contagioexchange.blogspot.com/https://contagiominidump.blogspot.com/https://github.com/secmobihttps://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Guide_Development_Projecthttp：//blog.dornea.nu/2014/10/29/howto-ios-apps-static-analysis/https://www.dllhook.com/post/58.htmlhttps://thexploit.com/category/secdev/https://github.com/secmobi/wiki.secmobi.comhttps://github.com/mdsecresearchhttps://sectools.org/tag/os-x/https://googleprojectzero.blogspot.com/http：//googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.htmlhttps://www.macexploit.com/https://code.google.com/p/google-security-research/issues/list？can=1＆q=iOS＆sort=-id＆colspec=ID％20Type％20Status％20Priority％20Milestone％20Owner％20Summaryhttps://code.google.com/p/google-security-research/issues/list？can=1＆q=OSX＆sort=-id＆colspec=ID+Type+Status+Priority+Milestone+Owner+Summary＆cells=tileshttps://googleprojectzero.blogspot.com/2014/11/pwn4fun-spring-2014-safari-part-ii.htmlhttps://www.blackhat.com/docs/us-15/materials/us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS-wp.pdfhttps://www.youtube.com/watch?v=rxUgw5bEG3Yhttps://www.theiphonewiki.com/wiki/固件https://www.trustedbsd.org/mac.htmlhttps://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.htmlhttps://code.google.com/p/google-security-research/issues/list?can=1&q=OSX&sort=-id&colspec=ID+Type+Status+Priority+Milestone+Owner+摘要＆cells=tileshttps://support.apple.com/zh-cn/HT205731https://www.apple.com/support/security/https://opensource.apple.com/tarballs/https：//mobile-security.zeef.com/oguzhan.topguhttps://www.powerofcommunity.nethttps://cn.0day.today/exploitshttps://recon.cx/2016/training/trainingios-osx.htmlhttps://www.exploit-db.com/osx-rop-exploits-evocam-case-study/https：//www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/https://www.yumpu.com/zh-CN/document/view/7010924/ios-kernel-heap-armageddonhttp：//contagiodump.blogspot。com/https://www.dllhook.com/post/138.htmlhttps://shell-storm.org/blog/Return-Oriented-Programming-and-ROPgadget-tool/https://medium.com/@harryworld/100-days-of-osx-development-e61591fcb8c8＃.vxyuyse12https://www.poboke.com/study/reversehttps://www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/https://www.exploit-db.com/osx-rop-exploits-evocam-case-study/https://phrack.org/issues/69/1.htmlhttps://www.exploit-db.com/docs/28479.pdfhttps://speakerdeck.com/milkmix/ios-malware-myth-or-realityhttps://bbs.pediy.com/thread-223117。htm

（2）IOS安全优秀博客文章https://datatheorem.github.io/TrustKit/https://ho.ax/posts/2012/02/resolving-kernel-symbols/https://www.securitylearn.net/tag/pentesting-ios-apps/https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/https://github.com/secmobi/wiki.secmobi。comhttps://bbs.iosre.com/t/debugserver-lldb-gdb/65https://bbs.pediy.com/showthread.php?t=193859https://bbs.pediy.com/showthread.php？t=192657＆viewgoodnees=1＆prefixid=https://blog.darkrainfall.org/2013/01/os-x-internals/https://dvlabs.tippingpoint.com/blog/2009/03/06/reverse-engineering-iphone-appstore-binarieshttps://drops.wooyun.org/papers/5309https://www.blogfshare.com/category/ios-securehttps://www.safaribooksonline.com/library/view/hacking-and-securing/9781449325213/ch08s04.htmlhttps://soundly.me/osx-injection-override-tutorial-hello-world/https：//nadavrub.wordpress.com/2015/07/23/injecting-code-to-an-ios-appstore-app/https://blog.dewhurstsecurity.com/https://github.com/project-imashttps：//github.com/iSECPartnershttps://www.nowsecure.com/blog/https://lightbulbone.com/https://www.tanhao.me/pieces/1515.html/https://dongaxis.github.io/https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/

（3）IOS安全优秀GitHub包含O'Reilly的iOS9Swift编程手册的所有示例代码https://github.com/vandadnp/iOS-9-Swift-Programming-CookbookXCodeGhost清除脚本https://github.com/pandazheng/XCodeGhost-CleanAppleOSXROOT提权API后门https://github.com/tihmstar/rootpipe_exploit适用于iOS和OS的轻松且通用的SSL固定Xhttps://github.com/datatheorem/TrustKit使用shellcodehttps修补PE，ELF，Mach-O二进制文件：//github.com/secretsquirrel/the-backdoor-factoryiReSign允许的iDevice的应用程序包（的.ipa）文件，以便与苹果的数字证书分发给签署或辞职https://github.com/maciekish/iReSign马赫-O加载命令反混淆器https://github.com/x43x61x69/Mach-O-PrettifierDylib插入Mach-O文件https://github.com/Tyilo/insert_dylibdylib用于mach-o二进制文件的注入器https://github.com/KJCracks/yololib快速的iOS可执行转储程序https://github.com/KJCracks/ClutchMacOSX的libimobiledevice库的二进制分发https://github.com/benvium/libimobiledevice-macosx与OSX上的dylib劫持有关的python实用程序https：///github.com/synack/DylibHijackOSXdylib注入https://github.com/scen/osxinjIOSIPA软件包精简并辞职https://github.com/Yonsm/iPAFineROP漏洞利用https://github.com/JonathanSalwan/ROPgadget对任何Mach-o文件进行类转储而不从dyld_shared_cachehttps://github.com/limneos/classdump-dyld中提取文件扫描IPA文件并解析其info.plisthttps://github.com/apperian/iOS-checkIPAA通过库注入的PoCMach-O感染器https://github.com/gdbinit/osx_boubouIOS-Headershttps://github.com/MP0w/iOS-HeadersMacOSX的进程间代码注入https://github.com/rentzsch/mach_injectOSXAuditor是免费的MacOSX计算机取证工具https://github.com/jipegit/OSXAuditor删除osx的PIEhttps://github.com/CarinaTT/MyRemovePIEIDA https的TE可执行格式加载器：//github.com/gdbinit/TELoader移动安全框架https://github.com/ajinabraham/Mobile-Security-Framework-MobSF一个库，可以动态重新绑定运行在iOS上的Mach-O二进制文件中的符号https://github.com/facebook/fishhookOSX和iOS相关安全工具https://github.com/ashishb/osx-and-ios-security-awesomeIntrospy-Analyzerhttps://github.com/iSECPartners/Introspy-Analyzer将加密的iPhone应用程序中解密的mach-o文件从内存转储到内存磁盘https://github.com/stefanesser/dumpdecrypted适用于iOS和OSX的Keychain的简单Swift包装器https://github.com/kishikawakatsumi/KeychainAccessidb是一种工具，可简化iOS渗透测试和研究的一些常见任务使用Parse作为后端的https://github.com/dmayer/idb Pentesting应用程序https://github.com/igrekde/ParseRevealeriOS逆向工程工具包https://github.com/Vhacker/iRETXNU-MacOSX内核https://github.com/opensource-apple/xnuOSX的代码注入+有效负载通信https://github.com/mhenr18/injectoriOS相关代码https://github.com/samdmarshall/iOS-InternalsOSX注入教程：HelloWorldhttps://github.com/arbinger/osxinj_tutReveal加载程序将libReveal.dylib（Reveal.app支持）动态加载到越狱设备上的iOS应用程序中https://github.com/heardrwt/RevealLoaderNSUserDefaults类别，带有AES加密/解密密钥和值https://github.com/NZN/NSUserDefaults-AESEncryptor黑 盒工具可禁用SSL证书验证https://github.com/iSECPartners/ios-ssl-kill-switch应用逆向工程抽奖插件https://github.com/iosre/iosrelottery未经测试的iOS调整，以挂钩OpenSSL函数https://github.com/nabla-c0d3/iOS-hook-OpenSSLIOS*.plist加密器项目。保护您的.plist文件免于越狱https://github.com/FelipeFMMobile/ios-plist-encryptoriOSipa文件重新设计工具https://github.com/hayaq/recodesign扫描iPhone/iPad/iPod应用程序中的PIE标志https://github.com/stefanesser/.ipa-PIE-Scanner通过cve-2015-1140的xnu本地特权升级IOHIDSecurePromptClientinjectStringGated堆溢出| poc||gtfohttps://github.com/kpwn/vpwnMachOViewhttps://github.com/gdbinit/MachOView与iOS设备通信的跨平台协议库https://github.com/libimobiledevice/libimobiledeviceWireLurkerDetectorhttps://github.com/pandazheng/WireLurker发行按照GPL牌https://github.com/p0sixspwn/p0sixspwn通过CVE-2015XNU本地权限提升https://github.com/kpwn/tpwn一个简单的通用OSX/iOS上的内存编辑器（游戏培训师）https://github.com/pandazheng/HippocampHairSalonBinaryCookieReader源码https://github.com/pandazheng/BinaryCookieReaderTiamo的引导程序https://github.com/pandazheng/macosxbootloader不完整的iOS8.4.1越狱，由KimJongCrackshttps://github.com/pandazheng/yaluOSX安全扫描程序httpshttps://github.com/openscanner/XGuardian示例内核扩展，演示如何从kextstat隐藏https://github.com/rc0r/KextHider示例MacOSX内核扩展，用于解析运行中的内核映像中的符号https：//github.com/snare/KernelResolver示例MacOSX（MountainLion）内核扩展，演示了如何通过劫持getdirentries系统调用来隐藏文件https://github.com/rc0r/FileHider示例MacOSX（MountainLion）内核扩展，演示了如何通过修改allproc和pidhashtbl隐藏进程的方法https://github.com/rc0r/ProcessHiderMach-O反汇编程序。现在兼容64位和Xcode6https://github.com/x43x61x69/otx一个Mach-O二进制代码签名去除器https://github.com/x43x61x69/codeunsign一个Mach-O加载命令deobfuscatorhttps://github.com/x43x61x69/马赫-O-Prettifier很简单的键盘记录器为自量化在MacOSXhttps://github.com/dannvix/keylogger-osx通过iTunesLIB管理iOS设备https://github.com/xslim/mobileDeviceManager检测硬件，软件以及运行时当前iOS或MacOSX设备的显示https://github.com/lmirosevic/GBDeviceInfo逆向工程Python武器库https://pythonarsenal.com/OSX加密勒索软件PoChttps://github.com/gdbinit/gopherFridahttps：//codeshare.frida。re/原始码级侦错的XNU核心 https://bbs.ichunqiu.com/thread-48301-1-1.html装甲：功能强大的macOS有效负载加密工具，可绕过大部分AVhttps：//www.freebuf.com/sectool/190620.html使用radare2逆向iOSSwift应用程序https://www.freebuf.com/articles/terminal/191595.html调试macOS内核很有趣https://geosn0w.github.io/Debugging-macOS-Kernel-For-Fun/MacMalware_2018https://objective-see.com/downloads/MacMalware_2018.pdf适用于iOS的OpenSource.Apple.Com的精华https://newosxbook.com/tools/iOSBinaries.htmlFortiAppMonitor：用于监控macOS上的系统活动的强大工具https://www.freebuf.com/sectool/193258.html

样品https://objective-see.com/malware.html#resources

（4）IOS安全优秀书籍《破解和保护iOS应用程序》《MacOSX和iOS内部构件：以苹果的核心》《OSX和iOS内核编程》《OSXABIMach-O文件格式》《Mac黑客手册》《MacOSXInterals：一种系统方法》《黑客攻防技术宝典-IOS实战》《IOS应用安全攻防实战》《IOS应用逆向工程》《IOS取证战》《安全技术大系：IOS取证分析》

（5）IOS安全推特https://twitter.com/Technologeekshttps://twitter.com/osxreverserhttps://twitter.com/Morpheus ______

（6）OSX/IOS漏洞分析文章CVE-2016-1749https://turingh.github.io/2016/04/29/CVE-2016-1749%E5%86%85%E6%A0%B8%E4%BB%A3%E7%A0%81％E6％89％A7％E8％A1％8CPOC％E5％88％86％E6％9E％90/

CVE-2016-1757https://googleprojectzero.blogspot.com/2016/03/race-you-to-kernel.htmlhttps://github.com/gdbinit/mach_race

CVE-2016-1824https://marcograss.github.io/security/apple/cve/2016/05/16/cve-2016-1824-apple-iohidfamily-racecondition.html

IOS越狱中使用到的突破列表

###ipsw ios10ipswhttps://ipsw.me/所有https://www.alliphone.comhttps://www.theiphonewiki.com/wiki/Firmware_Keyshttps://pastebin.com/FRMfanmT https：//www.reddit.com/r/jailbreak/comments/4nyz1p/discussion_decrypted_kernel_cache_ios_10/d48cgd7 https://www.nowsecure.com/blog/2014/04/14/ios-kernel-reversing-step-by-step/http：///www.iphonehacks.com/download-iphone-ios-firmware

Mac下的一些软件https://sqwarq.com/detectx/

Mac下的安全软件https://objective-see.com/products.html