This course is the culmination of years of experience gained via practical pentesting of mobile applications as well as countless hours spent in research. We have structured this course around the OWASP Mobile Security Testing Guide, and it covers the OWASP Mobile Top Ten. This course gives its participants actionable skills which can be applied in practice from day 1.
Each day starts with a brief introduction to the mobile platform for that day, continues with a look at static analysis, moves on to dynamic checks, and finishes off with a nice CTF session to test the skills gained.
Course Content (TOC):
Part 1 - Attacking Android apps by Example
Part 1.1
Android Security Crash Course
The state of Android Security
Android security architecture and its components
Android apps and the filesystem
Android app signing, sandboxing and provisioning
Recommended lab setup tips
Part 1.2
Static Analysis with Runtime Checks
Tools and techniques to retrieve/decompile/reverse and review APKs
- Identification of the attack surface of Android apps and general information gathering
- Identification of common vulnerability patterns in Android apps:
The art of MitM: Intercepting Network Communications
Defeating certificate pinning and jailbreak detection at runtime
The art of Instrumentation: Introduction to Frida, Objection
App behaviour monitoring at runtime
Modifying app behaviour at runtime
Part 2.4
CTF time, including finding IoT vulnerabilities through app analysis
Prerequisites
Ability to connect to wireless and wired networks
Ability to read PDF files
Administrative rights: USB allowed, the ability to deactivate AV, firewall, install tools, etc.
Knowledge of the BIOS password, in case VT is disabled.
Minimum 8GB of RAM (recommended: 16GB+)
60GB+ of free disk space (to copy a lab VM and other goodies)
VirtualBox 6.0 or greater, including the “VirtualBox Extension Pack”
Genymotion (can be the free version)
A mobile phone capable of receiving text messages
A jailbroken iPhone / iDevice with iOS >=9 (ideally: iOS 12) for the iOS labs
- Optional but useful: One of the following: Burp Suite, ZAP or Fiddler (for MitM)
Optional but useful: A Mac/Hackintosh with the latest Xcode installed, for iOS code review & labs
Attendees will be provided with
Lifetime access to training portal, with all course materials
Unlimited access to future updates and step-by-step video recordings
Unlimited email support, if you need help while you practice at home later
Government-mandated and police apps in various countries
Many other excitingly vulnerable real-world apps
IoT apps controlling Toys, Drones, etc
Digital copies of all training material
Custom-Built Lab VMs
Purpose-Built Vulnerable Test Apps
Source code for test apps
Who Should Attend
This is more than a physical attendance course: you get the physical course but also lifetime access to a training portal with step-by-step video recordings, slides and lab exercises, including all future updates for free.
Students can take the course at their own pace, and training portal access ensures topics can be reviewed online on an ad-hoc basis, as required by the student, after the course.
This training has been built from real issues seen in real applications, not fabricated vulnerabilities that you will never see in practice.
The goal is to start from the basics and ensure that each student comes out of the training with a significantly higher level of proficiency in the artistry of mobile pentesting.
Students will be taught ways to identify the attack surface of mobile apps, exploit interesting vulnerabilities and fix them. This ranges from having fun defeating root/jailbreak detection and pinning and modifying app behaviour at runtime to inspecting what apps are doing in real time. The training also covers effective identification and exploitation of common vulnerability patterns, modification of Android and iOS apps at rest and at runtime, and more.
As the course has been written and carefully created by a professional mobile app penetration tester, after many years of experience, many practical tips will be shared to leverage automation and make penetration testing more efficient as soon as the student goes back to their office.