YoVDO

Self-Signed Certificates: Exploiting Insecure Certificate Validation in iOS and macOS

Offered By: nullcon via YouTube

Tags

Cybersecurity Courses Network Security Courses Penetration Testing Courses Exploit Development Courses macOS Security Courses iOS Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical vulnerabilities in iOS and macOS certificate validation through this 46-minute conference talk from Nullcon Goa 2023. Delve into the intricacies of TLS authentication, learn about the history of insecure server certificate validation in Apple's operating systems, and discover new exploits affecting both iOS and macOS. Gain insights into the newly released tool, certmitm, which automatically detects and exploits insecure certificate validation vulnerabilities in TLS clients. Understand the implications for penetration testers and bug bounty hunters, and examine Apple's approach to addressing these security concerns. Download accompanying slides to enhance your understanding of this crucial topic in cybersecurity.

Syllabus

Introduction
Certificates
Certmitm demo
Apple CVEs
Penetration testers & Bug bounty hunters
Apple


Taught by

nullcon

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network