
DVIA - Damn Vulnerable iOS Application

Damn Vulnerable iOS App (DVIA) is an iOS Application that is damn vulnerable. 

Its main goal is to provide a platform for mobile security enthusiasts, professionals, and students to test their iOS penetration testing skills in a legal environment.

This application covers all the common vulnerabilities found in iOS applications (following the OWASP Top 10 Mobile Risks) and contains several challenges that the user can try. It also contains a section where a user can read various articles on iOS application security.

Vulnerabilities and Challenges in the DVIA:
  • Insecure Data Storage
  • Extension Vulnerabilities
  • Attacks on third party libraries
  • Jailbreak Detection
  • Runtime Manipulation
  • Piracy Detection
  • Sensitive information in memory
  • Transport Layer Security (HTTP, HTTPS, cert pinning)
  • Client Side Injection
  • Information Disclosure
  • Broken Cryptography
  • Security Decisions via Untrusted Input
  • Side channel data leakage
  • Application Patching

All these vulnerabilities and their solutions have been tested up to iOS 10.

Download DVIA 2.0 (Link 1)

Download DVIA 2.0 (Link 2)

DVIA SourceCode (GitHub)

This post first appeared on Effect Hacking - Hacking Tools, How To Guides An, please read the original post: here
