Scribd
Upload
54 views

JustificationLetter_8kSec-Academy_Offensive-iOS-Internals

Merci

Uploaded by

2kzwfcvx44
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
54 views

JustificationLetter_8kSec-Academy_Offensive-iOS-Internals

Merci

Uploaded by

2kzwfcvx44
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Below you’ll find a Justification letter template for the Offensive iOS Internals course.

This is a letter that you can share with the decision makers to explain all the benefits
you'll get from attending the course, and how it will make you a better employee, and
help advance your organization.

This is a general template to help get you started, so feel free to customize it to you and
your organization's particular needs. REPLACE all red text as indicated in the
placeholder below.

Subject: Request for Approval for attending course on iOS Internals

Hi <<[Decision-Maker-Name>>]>>,

Hope you are doing well.


I am writing to request approval to attend the ‘Offensive iOS Internals’ course offered by
8kSec (https://academy.8ksec.io/course/offensive-ios-internals). This course will provide
me with the necessary skills to improve our team's ability to understand the internals of
the iOS platform, so that we can utilize the platform security features better to prioritize
protecting customer data.

Course Information
This course is designed to provide a comprehensive understanding of the workings of
iOS internals and their security features. Students will learn the fundamental concepts
and tools used in reverse engineering, including static and dynamic analysis
techniques, as well as various debugging and disassembly tools aimed at the iOS
platform. Participants will gain hands-on experience in reverse engineering, exploit
development basics for the ARM platform, and deep dive into memory management
and related vulnerabilities. In this unique course targeting the internals of the iOS
operating system, you'll get a chance to explore various exploit mitigations, IPC
mechanisms, and XNU internals. Develop skills in reverse-engineering iOS specific
security features and gain a deeper understanding of exploitation techniques, including
both userland and kernel-level exploits. Follow each stage of the jailbreak process,
supported by case studies of real-world exploits.

Key Objectives
My key objectives from the course are:
● Introduction to ARM64 architecture
● Overview of the iOS Kernel and it’s Security Mitigations
● Reverse engineering iOS binaries (Apps and system binaries)
● Get an intro to common bug various bug categories on iOS
● Understand Memory allocation in Userland and Kernel
● Learn how Sandboxing and Code Signing works in iOS
● Get a deeper understanding of how Jailbreaks work
● Learn how to Reverse engineer proprietary security mitigations
● Learn using case Study of some real-world vulnerabilities including both Kernel
bugs as well as bypass of Security mitigations
● Learn to exploit different iPC mechanisms (mach_msg2, XPC etc)
● Become a Certified iOS Security Researcher (CISR)

Benefits to the Team


By attending this course, I will be able to:
● Share knowledge about how the underlying Mobile iOS features has impact on
the testing techniques used during Mobile Security Research.
● Expand the inhouse knowledgebase with information related to userland as well
as kernel security.
● Strengthen our mobile application security posture by identifying and remediating
vulnerabilities before they are discovered by attackers.
● Reduce the risk of data breaches and other security incidents that could damage
our reputation and financial standing.
● Contribute more effectively to iOS application security testing efforts, ultimately
leading to more secure and reliable mobile applications.

Certification:
The course includes a free attempt for the Certified iOS Security Researcher (CISR)
certification. The CISR certification would attest to my comprehensive grasp of iOS
Internals.

Expected Pricing
I'd like to take the Offensive iOS Internals course in On-Demand format. The full price
for the course is <<[$___]>>, but it can be reduced by <<[$___]>> for registering by the
early bird deadline of <<[Date]>>.

Here is a breakdown of the expected costs involved:

Course Pricing <<[$___]>>


Certification Fee $0
Course Discount - <<[$___]>>
Total Pricing <<[$___]>>
Conclusion
This course aligns with our team's goals of enhancing our iOS Internals and security
domain expertise. My participation demonstrates my commitment to professional
development and continuous learning.

The team at 8kSec has taught sold-out classes on the topic for the last few years
around the globe for multiple conferences and privately held organizations. I am
confident that the skills and knowledge gained from this course will be a valuable asset
to our team.

I have reviewed the course curriculum and cost, and I believe it represents a worthwhile
investment in our mobile application security efforts.

The course details can be found at https://academy.8ksec.io/course/offensive-ios-


internals

Sincerely,
<<[Your-Name-Here]>>

You might also like