Privacy and Security Resources

WWDC Awesome Videos on Privacy and Security

https://developer.apple.com/videos/frameworks/privacy-and-security

Design

Security vs. Design: Standing at Odds?

Security - App Architecture - macOS - Human Interface Guidelines - Apple Developer

Designing for Security

How good UX leads to great security

The Art of Balancing User Experience and Security - Usability Geek

Design for security

Insecure & Unintuitive: How We Need to Fix the UX of Security

Videos

https://youtu.be/kEBIEnV5u_o

https://youtu.be/8EihQXUuxTU

Code

Apple App Security Pages

Apple App Security Overview

Encryption and Data Protection overview

Preventing Insecure Network Connections

Security | Apple Developer Documentation

Apple Platform Security Guide

Privacy - Apple

About Software Security

Introduction to Security Coding

Other Security Resources

OWASP Mobile Security Test Guide

Mobile Security Testing Guide

Platform Overview - Mobile Security Testing Guide

Data Storage on iOS - Mobile Security Testing Guide

iOS Cryptographic APIs - Mobile Security Testing Guide

Local Authentication on iOS - Mobile Security Testing Guide

iOS Network APIs - Mobile Security Testing Guide

Tampering and Reverse Engineering on iOS - Mobile Security Testing Guide

iOS Anti-Reversing Defenses - Mobile Security Testing Guide

CTFs and Attacks - Understand iOS Code vulnerability before Defending against them

Hack the Box Challenges

Alexandr Fadeev - Alexander Fadeev’s Blog

Ivan R - Blog

Books — James Duffy

GitHub - prateek147/DVIA-v2: Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable.

Mobile CTF

Dynamic Analysis - pentestwiki.org

Bypassing SSL Pinning

Pokemon Go Jailbreak bypass 2020

iOS: Patching security features of mobile app with Ghidra – Basement

MyMoney App testflight if you want to intercept the requests

https://testflight.apple.com/join/4sF4ued4

How to Protect Data in the Client-side

Secret Management on iOS - NSHipster

Securing iOS Data at Rest: Protecting the User’s Data

How to use Keychain

Storing CryptoKit Keys in Keychain

Protecting Core ML Models. Exploring various methods to protect… | by Georguy | Heartbeat

GitHub - rockbruno/swiftshield: 🔒 Swift Obfuscator that protects iOS apps against reverse engineering attacks.

Application Hardening for Mobile Banking Apps: Root and Jailbreak Detection

Networking and Authentication Tutorials

iOS 12 Password Tools: Improving User Security and Experience | raywenderlich.com

Preventing Man-in-the-Middle Attacks in iOS with SSL Pinning | raywenderlich.com

CryptoKit Basics: End-to-End Encryption - DEV

Adding Sign in with Apple to your iOS App - DEV

Other interesting links

Security Guidelines for iOS Apps SDLC

GitHub - felixgr/secure-ios-app-dev: Collection of the most common vulnerabilities found in iOS applications

Study shows which messengers leak your data, drain your battery, and more | Ars Technica

Social media app leaks data of 172,000 users, including location coordinates| CyberNews