We’re glad to announce that our Mobile Hacking course and workshop will be delivered in a many different infosec conferences in the following weeks: virtually and in english for OWASP AppSec Israel and HITB CyberWeek, in real life but in french for another infosec conference and, also a French school but we’ll make another post for that.
OWASP AppSec Israel 2020 - Workshop - October 27
We’ll deliver two virtual workshops: one will be focused on Android apps and the other one on iOS apps. Here is the agenda of this 2 x 2 hours workshop:
- Understand Android and iOS basics
- Introduce the OWASP Mobile Security Testing Guide
- Learn how to use the common tools (adb, apktool, JADX, Frida, Objection, Cydia Impactor, Hopper, rvictl and rvi_capture)
- Practice on how to resolve the OWASP Android crackmes (Levels 1, 2 and 3) and iGoat and DVIA challenges
More information will be provided soon: https://appsecil.org
HITB CyberWeek - 3 days training - November 16-18
And we’ll deliver a virtual training for HITB to go deeper and learn how to assess the security of Android and iOS applications. Here is the main agenda:
- Introduce the OWASP MSTG (Mobile Security Testing Guide) and the MASVS (Mobile Application Security Verification Standard)
- Learn Android and iOS security basics
- Know how to build an Android and iOS pentest toolset
- Learn how to review the codebase of a mobile application (aka static analysis)
- Run the mobile application on a rooted device (to check data security issues)
- Inspect the app via instrumentation and manipulate the runtime (aka runtime analysis)
- Man in The Middle all the network communications (aka inspect the traffic)
The full detail of the course can be found on the HITB website: