| layout | title | tags | level | type |
|---|---|---|---|---|
col-sidebar |
OWASP iGoat Tool |
igoat |
2 |
tool |
iGoat is a learning tool for iOS developers (iPhone, iPad, etc.) and mobile app pentesters. It was inspired by the WebGoat project, and has a similar conceptual flow to it.
As such, iGoat is a safe environment where iOS developers can learn about the major security pitfalls they face as well as how to avoid them. It is made up of a series of lessons that each teach a single (but vital) security lesson.
- Brief introduction to the problem.
- Verify the problem by exploiting it.
- Brief description of available remediations to the problem.
- Fix the problem by correcting and rebuilding the iGoat program.
Step 4 is optional, but highly recommended for all iOS developers. Assistance is available within iGoat if you don't know how to fix a specific problem.
Vulnerabilities Covered (version 1.0): 
Documentation: iGoat Wiki
iGoat Quick Setup git clone https://github.com/OWASP/iGoat-Swift.gitand open iGoat-Swift.xcodeproj with xcode.
Setup iGoat Server Navigate to server > docker_packaging and then use command docker compose up
Using Cydia Repo - Open Cydia -> Sources -> Edit and add source http://swiftigoat.yourepo.com/ and then search for iGoat and install it.
Project Lead - Swaroop Yermalkar
