OWASP iGoat - A Learning Tool for iOS App Pentesting and Security

HIGHLIGHTS

Reasons to love iGoat!

Client-Server Arch

iGoat is a client-server architecture. Help to learn vulnerabilities in both ways.

Documentation

iGoat has detailed documentation. This will help you to learn iGoat step by step

Support

We are here to hear from you. If you raise issue on github or send ur query, we will respond it on priority.

Launch iGoat

You can use iGoat on Mac, iPhone, iPad, iPod

Read Documentation iGoat Blog

1

Identify

Brief introduction to the problem.
2

Exploit

Verify the problem by exploiting it.
3

Solutions

Brief description of available remediations to the problem.
4

Defend

Fix the problem by correcting and rebuilding the iGoat program.

Developed and Managed by

Swaroop works as Security Engineer and project lead for OWASP iGoat which is developed for mobile security. You can reach out to Swaroop at @swaroopsy

Swaroop Yermalkar

Security Engineer

Anthony works as iOS Developer and lead developer for OWASP iGoat

Anthony Gonsalves

iOS Developer

GALLERY

iGoat Screenshots

FAQ

Frequently Asked Questions

Can I use iGoat on non-jailbroken devices?

Yes you can install but with limited funcitonalities. There will be limitations in terms of exploiting vulneraiblities.

Is there any documentations?

Yes there is detailed documentation on iGoat. You can find it at here

Where I can learn iOS pentesting in depth?

We're currently working on step by step guide to exploit vulnerabilities from basics to advanced. You can find details at here

Can I contribute for project?

To contribute to iGoat project, please contact Swaroop ( swaroop[dot]yermalkar[at]owasp[dot]org or @swaroopsy )

Download iGoat

OWASP iGoat is available in Swift and Objective C version. Select your version to download

Swift Version

Objective C

*Works on iOS 9+

Any Queries? Email us Follow Us