To look at a system fault as a bug or vulnerability depends on the assessor's attitude.

This chapter will give you a step-by-step guide to analyzing, attacking, and reverse engineering iOS apps in general. We will take what we have already set up with LLDB, oTool, Hopper, and class-dump-z into a trifecta for simple reverse engineering tasks. We will walk through how to use tools in order to instrument potentially sensitive and vulnerable API calls. We will also look at how to exploit the lack of binary protections with Cycript and Snoop-IT. Finally, the chapter will cover some obscure tasks, such as performing heap dumps with debuggers in order to recover sensitive items such as passwords ...