OFFENSIVE MOBILE REVERSING AND EXPLOITATION

Overview

Ever wondered how different attacking a mobile application would be from attacking a traditional web application? Gone are the days when knowledge of just SQL Injection or XSS could help you land a lucrative, high-paying infosec job.

This course is designed to introduce beginners as well as advanced security enthusiasts to the world of mobile security using a fast-paced learning approach through intensive hands-on labs.

We are bringing an updated version of the course with the latest tools & techniques. The training will be based on exploiting Damn Vulnerable iOS app, Android-InsecureBankv2, InsecurePass and other real-world application vulnerabilities in order to give an in-depth knowledge about the different kinds of vulnerabilities in Mobile applications. After the workshop, the students will be able to successfully pentest and secure applications running on the various operating systems.

Slides, Custom scripts, Videos, VM and detailed documentation on the labs will be provided to the students for practice after the class.


After the training the attendees will: 

  • Reverse engineer iOS and Android binaries (Apps and system binaries)

  • Understand the various bug categories on Android and iOS systems

  • Be able to audit iOS and Android apps for security vulnerabilities

  • Understand and bypass anti-debugging and obfuscation techniques

  • Get a quick walkthrough on using IDA Pro, Hopper, Frida, etc.

Course outline:

Part 1 - iOS Exploitation

Module 1: Getting Started with iOS Pentesting

  • iOS security model

  • App Signing, Sandboxing and Provisioning

  • Setting up Xcode

  • Changes in iOS 12

  • Primer to iOS 12 security

  • Exploring the iOS filesystem

  • Intro to Objective-C and Swift

  • What's new in Swift?

  • Setting up the pentesting environment

  • Jailbreaking your device

  • Cydia, Mobile Substrate

  • Getting started with Damn Vulnerable iOS app

  • Binary analysis

  • Finding shared libraries

  • Checking for PIE, ARC

  • Decrypting ipa files

  • Self signing IPA files

Module 2: Static and Dynamic Analysis of iOS Apps

  • Static Analysis of iOS applications

  • Dumping class information

  • Insecure local data storage

  • Dumping Keychain

  • Dynamic Analysis of iOS applications

  • Basic App Exploitation techniques using Frida

  • Advanced App Exploitation techniques using Frida

Module 3: iOS application vulnerabilities

  • Exploiting iOS applications

  • Broken Cryptography

  • Side channel data leakage

  • Sensitive information disclosure

  • Client side injection

  • Bypassing jailbreak, piracy checks

  • Inspecting Network traffic

  • Traffic interception over HTTP, HTTPS

  • Manipulating network traffic

  • Bypassing SSL pinning


Module 4: Reversing iOS Apps

  • Introduction to Hopper

  • Disassembling methods

  • Modifying assembly instructions

  • Patching App Binary

Part 2 - Android Exploitation

Module 1

  • Why Android

  • Intro to Android

  • Android Security Architecture

  • Android application structure

  • Signing Android applications

  • ADB – Non Root

  • Rooting Android devices

  • ADB – Rooted

  • Understanding Android file system

  • Permission Model Flaws

  • Attack Surfaces for Android applications

Module 2

  • Understanding Android Components

  • Introducing Android Emulator

  • Introducing Android AVD

Module 3

  • Proxying Android Traffic

  • Reverse Engineering for Android Apps

  • Smali Learning Labs

  • Smali vs Java

  • Dex Analysis and Obfuscation

  • Android App Hooking

Module 4

  • Exploiting Local Storage

  • Exploiting Network Communication

  • Exploiting Certificate Pinning using manual and automated techniques

  • Exploiting Weak Cryptography

  • Exploiting Side Channel Data Leakage

  • Manual and Automated Root Detection and Bypass

  • Identifying and Exploiting flawed Broadcast Receivers

  • Identifying and Exploiting flawed Intents

  • Identifying and Exploiting Vulnerable Activity Components

  • Analysing Proguard, DexGuard and other Obfuscation Techniques

  • Exploiting Android NDK

Module 5

  • App Exploitation using Drozer

  • Basic App Exploitation techniques using Frida

  • Advanced App Exploitation techniques using Frida


Key takeaways

  • Videos for all the vulnerabilities shared in the class

  • Custom VM that can be used for Mobile Application Exploitation

  • Detailed slides about every topic learnt in the class


Who Should Take This Course

This course is for penetration testers, mobile developers or anyone keen to learn mobile application security.



Student Requirements

The course covers topics ranging from beginner to advanced. Basic Linux skills are the only requirement for the course.

What students should bring 

• Laptop with:

• 50+ GB free hard disk space

• 8+ GB RAM

• VMware player installed on the machine

• Students will be provided with access to Corellium for iOS hands-on and as such do not need to carry iOS devices

• Download and install the latest version of Xcode

• Administrative access on the system

• External USB access allowed



What Students Will be Provided With


• Videos for all the vulnerabilities shared in the class

• Huge list of good reads and articles for learning mobile application security

• Source code for vulnerable applications

• Custom VM for hands-on pentesting

• Students will be provided with access to Corellium for iOS hands-on for the duration of the course





English 

2 days

22nd, 23rd September

ONLINE

Cost

Up to 31/08

USD 1250

INQUIRIES

Write to us at capacitacion@ekoparty.org


Instructor


Dinesh Shetty leads the Mobile Security Testing Center of Excellence at Security Innovation. His core area of expertise is Mobile and Embedded application pentesting and exploitation. He has spoken at conferences like Black Hat, Bsides, Def Con, BruCon, AppsecUSA, AppsecEU, HackFest and many more. He maintains an open source intentionally vulnerable Android application named InsecureBankv2 for use by developers and security enthusiasts. He has also authored the guide to Mitigating Risk in IoT systems that covers techniques on securing IoT devices and Hacking iOS Applications that covers all of the known techniques of exploiting iOS applications.


Instructor


Prateek Gianchandani is currently working as a Security Engineer in UAE. He has more than 7 years of experience in security research and penetration testing. His core focus area is mobile exploitation, reverse engineering and embedded device security. He is also the author of the open source vulnerable application named Damn Vulnerable iOS app. He has presented and trained at many international conferences including Defcon, Blackhat USA, Brucon, Hack in Paris, Phdays, Appsec USA etc. In his free time, he blogs at http://highaltitudehacks.com