This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Revision as of 02:02, 4 February 2014 by Jason Haddix (talk | contribs) (Created page with "= Main = <b>Welcome to the Damn Vulnerable iOS Application home page.</b> Damn Vulnerable iOS application is a project started by Prateek Gianchandani which gives mobile t...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Welcome to the Damn Vulnerable iOS Application home page.

Damn Vulnerable iOS application is a project started by Prateek Gianchandani which gives mobile testers and developers an iOS application to practice attacking/defending skill sets. Each challenge area corresponds to an in-depth article designed to teach the fundamentals of mobile security on the iOS platform. Some challenge categories include multiple challenge types.

Current Challenge Categories:

  • Insecure Data Storage (4 exercises)
  • Jailbreak Detection (2 exercises)
  • Runtime Manipulation (3 exercises)
  • Transport Layer Security (1 exercise)
  • Client Side Injection (1 exercise)
  • Broken Cryptography (1 exercise)
  • Binary Patching (4 exercises)

  1. REDIRECT [iGoat Tool Project]

{{Template: Project About

| project_name =OWASP iGoat Project | project_home_page =OWASP iGoat Project | project_description =The iGoat project aims to be a developer learning environment for iOS app developers. It was inspired by the OWASP WebGoat project in particular the developer edition of WebGoat.

Similar to WebGoat (developer), the user is presented with a series of lessons surrounding numerous vulnerabilities associated with iOS apps. The student exploits each vulnerability to validate its existence, and then he implements a remediation in the lesson's source code.

Further, iGoat is designed and implemented modularly, similar conceptually to WebGoat's modular Java EE servlet model. It is intended to provide a foundational framework to build lessons on top of, starting with a core set of lessons provided in the first release.

iGoat can be downloaded here:

| project_license =GPL v3

| leader_name1 =Swaroop Yermalkar | leader_email1 [email protected] | leader_username1 = | leader_name[2-10] = | leader_email[2-10] = | leader_username[2-10] = | contributor_name1 =Jonathan Carter | contributor_email1 [email protected] | contributor_username1 = | contributor_name[2-10] = | contributor_email[2-10] = | contributor_username[2-10] = | pamphlet_link = | presentation_link = | mailing_list_name = | project_road_map = | links_url[1-10] = | links_name[1-10] = | release_1 =iGoat v1.1 | release_2 =iGoat v2.0 | release_3 =iGoat v2.1 | release_4 =iGoat v2.3

| project_about_page =Projects/OWASP_iGoat_Project }}