{"id":14973,"date":"2024-02-22T02:57:35","date_gmt":"2024-02-22T02:57:35","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/"},"modified":"2024-02-29T03:25:51","modified_gmt":"2024-02-29T03:25:51","slug":"practical-mobile-exploitation-auh2024","status":"publish","type":"product","link":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/","title":{"rendered":"Practical Mobile Exploitation"},"content":{"rendered":"<div class=\"page\" title=\"Page 2\">\n<div class=\"section\">\n<div class=\"layoutArea\">\n<div class=\"column\">\n<h4><strong><span style=\"color: #993300\">ATTEND IN-PERSON<\/span>: <\/strong><strong>Onsite at Abu Dhabi<\/strong><\/h4>\n<h4><strong>DATE: 25-27 Nov 2024<\/strong><\/h4>\n<h4><strong>TIME: 09:00 to 17:00 GST\/GMT+4<\/strong><\/h4>\n<table style=\"height: 146px\" width=\"599\">\n<tbody>\n<tr>\n<td><strong>Date<\/strong><\/td>\n<td><strong>Day<\/strong><\/td>\n<td style=\"text-align: left\"><strong>Time<\/strong><\/td>\n<td><strong>Duration<\/strong><\/td>\n<\/tr>\n<tr>\n<td>25 Nov<\/td>\n<td>Monday<\/td>\n<td>09:00 to 17:00 GST\/GMT+4<\/td>\n<td>8 Hours<\/td>\n<\/tr>\n<tr>\n<td>26 Nov<\/td>\n<td>Tuesday<\/td>\n<td>09:00 to 17:00 GST\/GMT+4<\/td>\n<td>8 Hours<\/td>\n<\/tr>\n<tr>\n<td>27 Nov<\/td>\n<td>Wednesday<\/td>\n<td>09:00 to 17:00 GST\/GMT+4<\/td>\n<td>8 Hours<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"page\" title=\"Page 3\">\n<div class=\"layoutArea\"><\/div>\n<\/div>\n<h5>After running sold-out training at multiple conferences over the last few years, we are back with an updated version of our course which now covers ARM64, iOS &amp; Android Internals, and detailed Mobile apps and operating system security. The class starts with a basic introduction to the ARM instruction set and calling conventions followed by some reverse engineering exercises. We then learn how to craft simple exploits for the ARM64 environment.<\/h5>\n<p>The training will be based on exploiting Damn Vulnerable iOS app, Android-InsecureBankv2, InsecurePass and a wide range of real-world application vulnerabilities in order to give in-depth knowledge about the different kinds of vulnerabilities in Mobile applications. After the workshop, the students can successfully audit and secure applications running on iOS\/Android operating systems, as well as get a better understanding of their Internals. Students will learn how to use Frida, a dynamic instrumentation framework, for doing vulnerability research.<\/p>\n<p>Slides, Custom scripts, Videos, VM and detailed documentation on the labs will be provided to the students for practice after the class. Corellium access will be provided to students during the training course. Students will be provided access to a Slack channel where the trainers will help prep them for the class, and the students can retain access to it for the foreseeable future.<\/p>\n<p>Slides, videos, and detailed documentation on the labs will be provided to the students for practice after the class. Corellium access will be provided to students during the training course.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<h5><strong>Key Learning Objectives<\/strong><\/h5>\n<ul>\n<li>Gain knowledge about the latest ARM64 instruction set.<\/li>\n<li>Explore the internals of mobile kernels and learn about various kernel security mitigations.<\/li>\n<li>Get an intro to some common bug categories UaF, Heap overflow, etc<\/li>\n<li>Understand how jailbreaks and exploits are written<\/li>\n<li>Familiarize yourself with recent bugs and their corresponding mitigations, such as TXM, SPTM, PAC, CoreTrust, and PPL.<\/li>\n<li>Receive an introduction to common bug categories like UaF (Use-after-Free) and Heap overflow.<\/li>\n<li>Understand the process of writing jailbreaks and exploits.<\/li>\n<li>Develop the skill of reverse engineering iOS and Android binaries, including both apps and system binaries.<\/li>\n<li>Learn how to conduct security audits on iOS and Android apps, identifying potential vulnerabilities.<\/li>\n<li>Acquire techniques to bypass anti-debugging and obfuscation methods employed by developers.<\/li>\n<li>Be able to read Mobile Kernel Vulnerability Reports and get a better understanding of them.<\/li>\n<li>Receive a comprehensive overview of tools such as IDA Pro, Hopper, and Frida, and their practical applications.<\/li>\n<li>Gain an introductory understanding of common bug categories found in Android and iOS systems.<\/li>\n<li>Continue practicing the auditing of iOS and Android apps for security weaknesses.<\/li>\n<li>Expand your knowledge on bypassing exploit mitigations using both manual and automated approaches.<\/li>\n<li>Receive detailed guidance on utilizing IDA Pro, Hopper, and Frida for advanced analysis and exploration.<\/li>\n<\/ul>\n<div class=\"page\" title=\"Page 4\">\n<div class=\"section\">\n<div class=\"layoutArea\">\n<div class=\"column\">\n<p>&nbsp;<\/p>\n<h5><strong>What will the students get:<\/strong><\/h5>\n<ul>\n<li>Videos for some vulnerabilities shared in the class<\/li>\n<li>Huge list of good reads and articles for learning mobile application security<\/li>\n<li>Source code for vulnerable applications<\/li>\n<li>Source code for Exploit PoCs&#8217; that can be used for Bug Bounties<\/li>\n<li>Custom VM for hands-on pentesting after the class<\/li>\n<li>Students will be provided with access to Corellium for iOS hands-on for the duration of the course<\/li>\n<li>Students will be provided access to cloud instances for the duration of the course<\/li>\n<li>Slack access for the class and after for regular mobile security discussions<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>ATTEND IN-PERSON: Onsite at Abu Dhabi DATE: 25-27 Nov 2024 TIME: 09:00 to 17:00 GST\/GMT+4 Date Day Time Duration 25 Nov Monday 09:00 to 17:00 GST\/GMT+4 8 Hours 26 Nov Tuesday 09:00 to 17:00 GST\/GMT+4 8 Hours 27 Nov Wednesday 09:00 to 17:00 GST\/GMT+4 8 Hours After running sold-out training at multiple conferences over the [&hellip;]<\/p>\n","protected":false},"featured_media":14972,"template":"","meta":{"_acf_changed":false},"product_cat":[61,90,92,57],"product_tag":[],"class_list":{"0":"post-14973","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-3-day-training","7":"product_cat-auh2024","8":"product_cat-auh2024-training","9":"product_cat-in-person","11":"first","12":"outofstock","13":"featured","14":"shipping-taxable","15":"purchasable","16":"product-type-simple"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Practical Mobile Exploitation - HITBSecConf2024 - Abu Dhabi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Practical Mobile Exploitation - HITBSecConf2024 - Abu Dhabi\" \/>\n<meta property=\"og:description\" content=\"ATTEND IN-PERSON: Onsite at Abu Dhabi DATE: 25-27 Nov 2024 TIME: 09:00 to 17:00 GST\/GMT+4 Date Day Time Duration 25 Nov Monday 09:00 to 17:00 GST\/GMT+4 8 Hours 26 Nov Tuesday 09:00 to 17:00 GST\/GMT+4 8 Hours 27 Nov Wednesday 09:00 to 17:00 GST\/GMT+4 8 Hours After running sold-out training at multiple conferences over the [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/\" \/>\n<meta property=\"og:site_name\" content=\"HITBSecConf2024 - Abu Dhabi\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-29T03:25:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"540\" \/>\n\t<meta property=\"og:image:height\" content=\"670\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/\",\"name\":\"Practical Mobile Exploitation - HITBSecConf2024 - Abu Dhabi\",\"isPartOf\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png\",\"datePublished\":\"2024-02-22T02:57:35+00:00\",\"dateModified\":\"2024-02-29T03:25:51+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#primaryimage\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png\",\"contentUrl\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png\",\"width\":540,\"height\":670},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Shop\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/shop\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Practical Mobile Exploitation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/#website\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/\",\"name\":\"HITBSecConf2024 - Abu Dhabi\",\"description\":\"Nov 25 - 28, Abu Dhabi, UAE\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Practical Mobile Exploitation - HITBSecConf2024 - Abu Dhabi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/","og_locale":"en_US","og_type":"article","og_title":"Practical Mobile Exploitation - HITBSecConf2024 - Abu Dhabi","og_description":"ATTEND IN-PERSON: Onsite at Abu Dhabi DATE: 25-27 Nov 2024 TIME: 09:00 to 17:00 GST\/GMT+4 Date Day Time Duration 25 Nov Monday 09:00 to 17:00 GST\/GMT+4 8 Hours 26 Nov Tuesday 09:00 to 17:00 GST\/GMT+4 8 Hours 27 Nov Wednesday 09:00 to 17:00 GST\/GMT+4 8 Hours After running sold-out training at multiple conferences over the [&hellip;]","og_url":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/","og_site_name":"HITBSecConf2024 - Abu Dhabi","article_modified_time":"2024-02-29T03:25:51+00:00","og_image":[{"width":540,"height":670,"url":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/","url":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/","name":"Practical Mobile Exploitation - HITBSecConf2024 - Abu Dhabi","isPartOf":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#primaryimage"},"image":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#primaryimage"},"thumbnailUrl":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png","datePublished":"2024-02-22T02:57:35+00:00","dateModified":"2024-02-29T03:25:51+00:00","breadcrumb":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#primaryimage","url":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png","contentUrl":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-content\/uploads\/sites\/23\/2024\/02\/Product-1.png","width":540,"height":670},{"@type":"BreadcrumbList","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/product\/practical-mobile-exploitation-auh2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/"},{"@type":"ListItem","position":2,"name":"Shop","item":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/shop\/"},{"@type":"ListItem","position":3,"name":"Practical Mobile Exploitation"}]},{"@type":"WebSite","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/#website","url":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/","name":"HITBSecConf2024 - Abu Dhabi","description":"Nov 25 - 28, Abu Dhabi, UAE","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/product\/14973"}],"collection":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/media\/14972"}],"wp:attachment":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/media?parent=14973"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/product_cat?post=14973"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2024auh\/wp-json\/wp\/v2\/product_tag?post=14973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}