Pentesting modern iOS versions

I've contacted Apple support about this topic, and they've directed me to this forum.

I regularly perform pentests of iOS applications. To properly assess the security of iOS apps, I must bypass the security precautions taken by our customers, such as certificate pinning.

According to a number of blog articles, this appears to only be viable on jailbroken devices. If a target application requires a modern version of iOS, the security assessment can't be properly performed.

As it should be in Apple's best interest to offer secure applications on the App Store, what's the recommended approach to allow intrusive pentesting of iOS apps?

Answered by DTS Engineer in 877949022

First up, I want to make sure you’re aware of this: Apple Security Research Device Program

But as to your specific situation, you could work with your customers to get builds of their app that are more amenable to your testing. For example, a development-signed build, with the get-task-allow entitlement, will allow you to attach with the debugger.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
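An added example (not part of Quinn's answer) for checking whether a build a customer hands over is actually debuggable: it parses the entitlements XML that `codesign -d --entitlements :- Payload/Example.app` prints and reports whether get-task-allow is set. The bundle identifier and team prefix are constructed sample values.

```python
import plistlib

# Constructed sample: entitlements of a development-signed build, as dumped by
#   codesign -d --entitlements :- Payload/Example.app   (identifiers are made up)
DEV_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
  <key>application-identifier</key><string>TEAMID.com.example.app</string>
  <key>get-task-allow</key><true/>
</dict></plist>"""

# Constructed sample: the same app signed for distribution; get-task-allow is absent,
# so a debugger will not be able to attach on the device.
DIST_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
  <key>application-identifier</key><string>TEAMID.com.example.app</string>
</dict></plist>"""


def debugger_attach_allowed(entitlements_xml: bytes) -> bool:
    """True only when get-task-allow is present and set to <true/>."""
    entitlements = plistlib.loads(entitlements_xml)
    return entitlements.get("get-task-allow") is True


def describe_build(entitlements_xml: bytes) -> str:
    """Human-readable verdict on whether this build is suitable for a debugger-based test."""
    entitlements = plistlib.loads(entitlements_xml)
    app_id = entitlements.get("application-identifier", "<unknown>")
    if debugger_attach_allowed(entitlements_xml):
        return f"{app_id}: get-task-allow=true, a debugger can attach"
    return f"{app_id}: no get-task-allow, request a development-signed build from the customer"


if __name__ == "__main__":
    print(describe_build(DEV_ENTITLEMENTS))
    print(describe_build(DIST_ENTITLEMENTS))
```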
