Intro I recently had a fair bit of difficulty arriving at a suitable network setup for pen testing an iOS app (Note this is a hybrid app - and heavily based on APIs), as I was testing an environment behind VPN (such as Cisco Anyconnect), I had go for dual vpn setup to access the APIs within the Corporate network. So I wrote this article basically to make sure this will help someone and more importantly I don't forget . One of the primary goal with any pentesting is to MITM the traffic from the iDevice. This can be achieved by using OpenVPN (on Ubuntu VM) and OpenConnect Client (on iDevice). Additionally, we need to ensure the Burp invisible proxy is enabled, literally we are treating the app as a proxy-unaware app. Credits: https://security.stackexchange.com/questions/190568/optimal-way-to-capture-https-traffic-on-proxy-unaware-ios-applications https://portswigger.net/burp/documentation/desktop/tools/proxy/options/invisible Pre-Reqs: Jail-Broken iPhone(iDevice) (I...