Enhancements in Damn Vulnerable iOS app version 2.0
In this article, I would like to give a quick walkthrough of the new vulnerabilities and challenges that we have added in version 2.0 of Damn Vulnerable iOS app.
In the Insecure Data storage section, we have added challenges for the following databases.
- Realm Database
- Couchbase Lite
- YapDatabase


We have also added a new section on Extension vulnerabilities, which covers vulnerabilities in different application extensions, a feature that was introduced with iOS 8.


In the Runtime Manipulation section, we have added a challenge where you can write a cycript script to brute force a login screen.

Another new section is Attacks on third-party libraries, which demonstrates the security gaps that can occur in your application when you use third-party libraries in your project.

In the section on Side Channel Data leakage, we have added another vulnerability demonstrating insecure storage of cookies.

The current downloadable IPA file from the website is a fat binary that will work on both 32-bit and 64-bit devices. This app will work on all iOS versions starting from iOS 7.0.
Some important links
We are working on getting the new solutions out as soon as possible, so please be patient. For previous vulnerabilities, you can download the solutions for free from here.
For any bugs, suggestions, etc., please don't hesitate to contact me. Also, a very special thanks to Egor for his contributions to the project.
Prateek Gianchandani, a recent IIT graduate, has interests in the field of Penetration Testing, Web Application Security and Intrusion Detection. He is currently a researcher for InfoSec Institute. In the past he has worked for security-based startups.
You can contact him at prateek.searchingeye@gmail.com and on Twitter @prateekg147, or you can visit his personal website at highaltitudehacks.com.