Welcome to OWASP AppSec 2018 USA we look forward to seeing you in San Jose, CA
Back To Schedule
Friday, October 12 • 11:00am - 11:35am
Pentesting Swift Application for fun and Profit with OWASP iGoat

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
As enterprises are moving their iOS development towards Swift development from Objective C, it has become essential to adopt skills required to perform penetration testing/security audit of such applications. If you are working as Product Security Engineer or Bug Bounty hunter, it's important to know pentesting Swift application.

Considering such requirements, we're releasing brand new version of OWASP iGoat in Swift. Definitely, there are certain changes while pentesting Swift application over Objective C applications.

This talk is all about how you can find out security loopholes in Swift applications and as a developer how you can defend against them. This talk will help you learn iOS Swift App Pentesting from basics to advanced level using OWASP iGoat project.

This talk will discuss recent case studies of critical findings in iOS apps (Swift) and also help to address important issues as encryption key management, code obfuscation along with OWASP Top 10. We will release the major version of OWASP iGoat (Swift) at AppSec USA 2018.

Project code: https://github.com/OWASP/iGoat-Swift

Technology stack: Swift 4, Ruby

avatar for Swaroop Yermalkar

Swaroop Yermalkar

Senior Security Engineer, Lithium
Swaroop Yermalkar works as Sr Security Engineer at Lithium with a diverse skill set focused on Mobile App Pentest, Web, API and AWS Pentesting. In addition he has authored the popular book “Learning iOS Pentesting” (https://goo.gl/T8jvjJ) and lead an open source project - OWASP... Read More →

Friday October 12, 2018 11:00am - 11:35am PDT
  Gold, Intermediate
  • NEW FIELD 1 Track 3