Bypassing OpenSSL Certificate Pinning in iOS Apps

I don't even attempt to circumvent SSL pinning. IMO it's easier and safer to use Cydia substrate to decorate the networking classes to print args and return values to the console. I've reversed a few APIs in this way, including a bank's.

&gt; From a penetration testing perspective, this may cause practical problems<p>I was super confused what they were talking about, until I remembered that &quot;penetration testing&quot; really just means &quot;penetration&quot;, not &quot;testing&quot;, it&#x27;s just a euphemism for &quot;attacking&quot;. I think?

Wouldn&#x27;t it be much harder to patch the binary if it were stripped? Is it not common to strip release builds of iOS apps?