SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsIn a penetration test it is usually impossible to acquire permission to attack the CEO's cell phone. But what if the CEO's workstation is in scope and the CEO has an iPhone synced with a workstation? What if the CEO's iPhone backup files are resident on this workstation? Would that be in scope? The answer is probably yes. The information that can be gleaned from an iPhone backup file is amazing and extremely useful to a penetration tester. We will discuss how to hunt for possible targets with iPhone backup files using Wireshark, Tcpdump and Metasploit. This paper will show how to view the contents of the IOS 5 backup file and extract useful information for the penetration test. We will discuss various mitigation techniques and the new IOS5 iCloud initiative and what this means for the future.