Apple iOS Forensics

Apple iOS Forensics // Costin Raiu

In-Person | Nov 5,6 | 2 Days

BOOK NOW

ABSTRACT

This course focuses on the challenge of examining Apple’s proprietary iOS ecosystem, a common target for sophisticated, high-stakes cyberattacks. You’ll learn foundational iOS security principles, the practical constraints forensic investigators face, and the step-by-step methods and tools for extracting data in fully authorized forensic engagements.

Apple iOS Forensics // Costin Raiu

In-Person | Nov 3-6 | 4 Days

BOOK NOW

INTENDED AUDIENCE

Forensic investigators and incident response specialists who wish to upskill themselves for real life iOS forensic investigations.

KEY LEARNING OBJECTIVES

Core principles of iOS security
Capturing and exporting device backups
Generating and interpreting sysdiagnose logs, reboot artefacts
Retrieving App Privacy reports and crash logs
Conducting live process inspections
Capturing network packets
Decrypting intercepted traffic
Exploring iOS malware attack vectors
Employing signature scanners and commercial forensic tools

BOOK NOW

YOUR INSTRUCTOR: Costin Raiu

Costin Raiu is a cyber paleontologist and researcher specializing in analyzing advanced persistent threats and high-level malware attacks. He is a founder at "Art of Noh", a visionary think-tank dedicated to the advancement of cybersecurity and founder at "TLPBLACK", a boutique cybersecurity consulting and intelligence company. Before this, he led GReAT, the team that researched the inner workings of Stuxnet, Flame, Duqu, Turla, Lazarus or Moonlight Maze.

Costin has over 30 years of experience in ITSec, having written his first antivirus when was 16. He is a member of the Virus Bulletin Technical Advisory Board, a member of the Computer AntiVirus Researchers’ Organization (CARO) and a founding member of the MUTE Group.

Costin enjoys playing chess, taking photos and reading science fiction literature. He holds a black belt in Taekwondo.

https://www.linkedin.com/in/craiu/
https://x.com/craiu

BOOK NOW

Cancellation Policy

COUNTERMEASURE25: 60+ days before the event 75% of fees refunded; 45-60 days before event 50% refunded, less than 45 days 0% refunded. Course changes are allowed up to 14 days before event start (some restrictions will apply). Attendee changes can be accommodated up to 14 days prior to the event.

Note: In the event of a class cancellation, Ringzer0 will endeavor to offer transfer to another training at no additional charge.

OTHER IN-PERSON TRAINING COURSES

COUNTERMEASURE25 In-Person Training

Emulation and Fuzzing for Baseband Firmware

Over the 4 days of this training, you will learn how to reverse engineer mobile baseband firmware, create fuzzing harnesses, and find bugs via fuzzing!

COUNTERMEASURE25 In-Person Training

Black Hat Python For Hackers and Pentesters

This course is a companion to Black Hat Python, 2nd Edition, covering major subject areas through hands-on labs and exercises. It is beneficial for both seasoned and new Python programmers.

COUNTERMEASURE25 In-Person Training

Windows Enterprise Incident Response

Led by Mandiant, this course teaches fundamental investigative techniques for responding to cyber threats, including rapid triage, identifying attack vectors, and investigating incidents.

COUNTERMEASURE25 In-Person Training

Malware Analysis and Reversing

Explore both dynamic and static approaches to dissecting malware, learn the tools and platforms used for deep malware inspection. At the core of the training we placed reverse-engineering, which is essential for thorough understanding of malicious intent and various conditions.

Everyday Ghidra: Intro to Windows Reverse Engineering and Vulnerability Research

COUNTERMEASURE25 In-Person Training