Скачать с ютуб Man in The Middle Attack and SSLPinning | Ethical Hacking | Charles | iOS | Swift | Xcode в хорошем качестве

Man in The Middle Attack and SSLPinning | Ethical Hacking | Charles | iOS | Swift | Xcode

In this video, I’ve discussed about some of the good practices for enhancing the security of an iOS Application. I’ve demonstrated that how Charles can be used for intercepting the web service calls, how HTTPS prevents it. Further, how Man In The Middle Attack can be performed (using Proxy certificate) for bypassing HTTPS security. What is SSL Certificate, how does it work, asymmetric cryptography, why it should be pinned (SSL Pinning) with the app, Certificate Pinning and Public Key Pinning, in what scenario can SSL pinning fail and obfuscation. Implementation of Certificate Pinning - https://gist.github.com/pallavtrivedi... Inspiration & implementation of Public Key Pinning -   / ssl-pinning   Credits - Hacking video (used in starting of the video) by Mikhail Nilov from Pexels https://www.pexels.com/@mikhail-nilov... Chapters 👇🏼 00:00 Start 00:09 Introduction 01:07 Intercepting web service calls made over HTTP 02:23 Configuring Charles 05:40 How HTTPS differs from HTTP 07:55 Asymmetric Cryptography 08:41 SSL Certificate and it’s working 11:19 Man In The Middle Attack (Concept) 12:20 Man In The Middle Attack (In Action) 15:43 SSL Pinning 22:24 Obfuscation