2-DAY TRAINING 1: Mobile Application Hackers Handbook: Live Edition

DURATION: 2 DAYS

CAPACITY: 20 pax

SEATS AVAILABLE: ONLINE REGISTRATION IS CLOSED

PRICE:  EUR1499 (early bird)

EUR1999 (normal)

Early bird registration rate ends on the 14th of February

Overview

The course follows chapters 1-9 of the Mobile Application Hacker’s Handbook, with a strong focus on practical attacks. Over the 2-day training course delivered by the lead author of the book, delegates will learn the tricks and techniques to hack and secure mobile applications on the iOS and Android platforms.

After a short introduction in to the subject, we delve in to the following core modules:

  • Introduction to Mobile Application Security Assessment (Chapter 1)
  • Analyzing iOS applications (Chapter 2)
  • How to attack iOS applications (Chapters 3-4)
  • Securing iOS applications (Chapter 5)
  • Understanding Android applications (Chapter 6)
  • Exploiting Android applications (Chapter 7-8)
  • Securing Android applications (Chapter 9)

Key Learning Objectives

  • The security protections on iOS and Android devices
  • How iOS and Android devices are jailbroken or rooted
  • How to quickly and efficiently pinpoint and exploit vulnerabilities in iOS and Android apps
  • How to decompile, reverse and patch iOS and Android apps
  • How to hack webviews, client-side databases and the keychain
  • Instrument application runtimes using Frida, Cydia Substrate and Cycript
  • Exploitation of IPC mechanisms including content providers, URL handlers, application extensions, broadcasts, activities and intents
  • Practical exploitation of poorly implemented cryptography
  • Bypass security controls such as root or jailbreak detection
  • Real-world 2016 techniques used to defeat real apps on iOS9 and Lollipop!
  • Knowledge of defensive and remedial advice

Prerequisite Knowledge

  • A basic knowledge of programming and mobile security concepts.

Hardware / Software Requirements

  • Administrative access to the laptop and the ability to install a few tools, and disable personal firewalls or virus scanners should they get in the way of the lab exercises.
  • We strongly recommend a personal laptop ­ if your corporate laptop build is too restrictive this may affect your ability to participate in the course fully.
  • A laptop with the capability to connect to wireless and wired networks.
  • The laptop should be of a reasonable specification, we recommend at least 8GB of RAM with at least 16GB of disk space free and ideally be VTX compatible.
  • Students require a player to run VirtualBox images.

TRAINING
Location: NH Krasnapolsky Date: May 24, 2016 Time: 9:00 am - 6:00 pm Dominic Chell