Join us at hack.lu 2025 — Info & Registration
Duration: 120 min
Type: Training
Speakers: David Durvaux, Christophe Vandeplas
Abstract
Are you, or your organisation, concerned about potential compromise on your iPhone, iPad, or Apple Watch? This workshop equips you with the knowledge and tools to identify red flags on your iOS device. We delve into the world of sysdiagnose and explore methods to verify potential breaches.
This is the starter workshop; we invite you to also join the second, deep-dive session for deeper analysis.
Description
This is an iteration of the workshop that was given at hack.lu 2024. This edition is now split into two sessions: one introductory session and one deep dive.
Are you, or your organisation, concerned about potential compromise on your iPhone, iPad, or Apple Watch? This workshop introduces you to some knowledge and tools to identify red flags on your iOS device. We delve into the world of sysdiagnose and explore methods to verify potential breaches.
During this workshop we will:
- discuss some ways to know if an iOS device may be compromised
- explore which open source tools exist to perform analysis
- generate a sysdiagnose file on an iPhone, iPad, iWatch, … (bring your own device)
- use multiple methods to collect the sysdiagnose (sharing, custom app, PyMobileDevice3, …)
- use the open source sysdiagnose parser to convert the diagnostics data to something usable
- explore what data it contains
- generate a timeline and load it into Timesketch or Splunk
- …