MOB-IOS-KEYCHAINCredential Access

iOS Keychain Dump (jailbroken)

objection ios keychain dump — extract all kSecClassGenericPassword / kSecClassInternetPassword entries from the device.

§ Where this technique fits

MOB-IOS-KEYCHAIN is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 4 on average.

§ Dossiers chaining this technique

Jailbreak detection bypass → keychain dump
Test on a jailbroken device. Hook jailbreak-detection routines, run objection to dump the entire app keychain — recovers session tokens, refresh tokens, biometric keys.
step 4 / 5

§ What commonly comes next

01
Valid Accounts
T1078 · Initial Access
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

Jailbreak detection bypass → keychain dump

§ What commonly comes next