YoVDO

Self-Signed Certificates: Exploiting Insecure Certificate Validation in iOS and macOS

Offered By: nullcon via YouTube

Tags

Cybersecurity Courses Network Security Courses Penetration Testing Courses Exploit Development Courses macOS Security Courses iOS Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical vulnerabilities in iOS and macOS certificate validation through this 46-minute conference talk from Nullcon Goa 2023. Delve into the intricacies of TLS authentication, learn about the history of insecure server certificate validation in Apple's operating systems, and discover new exploits affecting both iOS and macOS. Gain insights into the newly released tool, certmitm, which automatically detects and exploits insecure certificate validation vulnerabilities in TLS clients. Understand the implications for penetration testers and bug bounty hunters, and examine Apple's approach to addressing these security concerns. Download accompanying slides to enhance your understanding of this crucial topic in cybersecurity.

Syllabus

Introduction
Certificates
Certmitm demo
Apple CVEs
Penetration testers & Bug bounty hunters
Apple


Taught by

nullcon

Related Courses

Network Security
Georgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent