
Useful resources for iOS hacking

iOS Hacking Resources

Basics

Official references:

My own doing:

Note on ARM documents:

Both infocenter.arm.com and developer.arm.com are outright nightmares to navigate, and search engines don't help either. But if you have any ARM document as a PDF and want to check for a newer version, there is a neat trick. At the bottom of any page of the PDF, you should have a document identifier like so:

Screenshot

That should have the form ARM XXX ddddX.x. Take the three letters and the following four digits (in this case, DDI0406) and construct a URL like so:
https://developer.arm.com/docs/XXXdddd/latest
(In this case, https://developer.arm.com/docs/DDI0406/latest.)

Internals

Mach-O

Sandbox

IPC

  • Apple - Mach (Overview and API documentation (inside the XNU source in osfmk/man/index.html))
  • nemo - Mach and MIG (examples are outdated and for PPC/Intel, but descriptions are still accurate)
  • Ian Beer - Apple IPC (Video and Slides)

File Systems

Kernel

Kernel Integrity

Control Flow Integrity

Other Mitigations

Web

  • Samuel Groß & Amy Burnett - Attacking JavaScript Engines in 2022 (Video and Slides)

Remote Targets

Persistence

Hardware

SEP

Bootloader

Memory Safety

Write-Ups

Other Lists

Community

"Hack Different" is a Discord server about hacking, reverse engineering and development loosely on and around Apple platforms.
It has a relaxed atmosphere and is a great place to hang out and connect with fellow researchers and enthusiasts.

Hack Different