Overview

This 3-day mobile application hacking training course is designed to provide you with the fundamentals of mobile application security, detailing the most common vulnerabilities and how to identify them.

Focussing on the prevalent mobile platforms, Android and iOS, you will have access to vulnerable mobile applications using devices and emulators to assess their security through a series of practical hands-on exercises. The techniques gained throughout this course will enable you to understand whether the sensitive information stored on mobile devices is sufficiently protected and what the risk and exposure are if an attacker were able to get his hands on the mobile device.

Prerequisites

Delegates should have knowledge or an understanding of:

  • how the iOS and Android platforms and devices work
  • HTTP protocol
  • Programming
  • Windows and Linux command line
  • Java and Objective-C languages

Delegates will learn how to

Upon completion of the course, you will:

  • have learnt the content of OWASP's Mobile Top 10 vulnerabilities list
  • understand where issues might appear in a mobile application
  • have gained knowledge of the most popular security vulnerabilities identified in iOS and Android platforms
  • understand the significance of data stored on everyday mobile devices
  • have learnt to retrieve class methods by reverse engineering iOS applications
  • have gained the ability and confidence to reverse engineer Android applications to obtain source code
  • have learnt the fundamental vulnerabilities found on mobile applications, including static and runtime analysis of the applications, insecure data storage and binary patching.

Outline

Security

iOS Security

  • Secure Boot Chain
  • Sandboxing
  • File security

Android Security

  • Zygote
  • Sandboxing
  • File Access

Application types

  • Native
  • Web based
  • Hybrid (Both)

Jailbreaking

Data in Transit

  • Setting up a proxy (Both)
  • Installing certificates
  • Certificate Pinning (Both)
  • SQL injection (Both)
  • XSS (Both)
  • URL Schemes
  • Content Providers (Android)
  • JavaScript Bridges (Android)

Data at Rest

  • SQLite files (Both)
  • Plist files
  • NSUserDefaults
  • Core Data
  • Keychain
  • Cookies
  • Data location (Android)

Static Analysis

  • Decrypting Applications
  • Position Independent Executable (PIE) Flag
  • Class Dumping
  • Binary patching
  • Automated Tools (Both)
  • Manifest file examination (Android)
  • Reverse Engineering (Android)
  • Smali code syntax (Android)
  • Java decompilation (Android)
  • Hardcoded sensitive information (Android)
  • Application backups (Android)
  • Broken Cryptography (Android)

Dynamic Analysis / Runtime Analysis

  • Runtime Patching (Both)
  • Runtime Manipulation
  • Automated Tools
  • Activity manager (Android)
  • Reflection (Android)

Side Channel Attacks

  • Screenshots
  • Cookies (Android)
  • Cache (Both)

Known attacks

  • Known attacks
  • Cache