OWASP iGoat Tool

OWASP iGoat - A Learning Tool for iOS App Pentesting and Security Twitter Follow

iGoat is a learning tool for iOS developers (iPhone, iPad, etc.) and mobile app pentesters. It was inspired by the WebGoat project, and has a similar conceptual flow to it.

As such, iGoat is a safe environment where iOS developers can learn about the major security pitfalls they face as well as how to avoid them. It is made up of a series of lessons that each teach a single (but vital) security lesson.

The lessons are laid out in the following steps:

  1. Brief introduction to the problem.
  2. Verify the problem by exploiting it.
  3. Brief description of available remediations to the problem.
  4. Fix the problem by correcting and rebuilding the iGoat program.

Step 4 is optional, but highly recommended for all iOS developers. Assistance is available within iGoat if you don’t know how to fix a specific problem.

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS Twitter Follow

Vulnerabilities Covered (version 1.0): Download iGoat Documentation: https://docs.igoatapp.com/

Documentation: iGoat Wiki

iGoat Quick Setup git clone https://github.com/OWASP/iGoat-Swift.gitand open iGoat-Swift.xcodeproj with xcode. Setup iGoat Server Navigate to server > docker_packaging and then use command docker compose up
Using Cydia Repo - Open Cydia -> Sources -> Edit and add source http://swiftigoat.yourepo.com/ and then search for iGoat and install it.

Project Lead - Swaroop Yermalkar Twitter Follow

Architecture

Architecture


Example

Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.