<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/5eb252ab-43cc-4375-b659-a6e34f2eb9b0/4073090.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/5eb252ab-43cc-4375-b659-a6e34f2eb9b0/4073090.png" width="40px" /> A hands-on course aiming to arm developers with the skills, in-depth knowledge and battle-proven techniques necessary to exploit mobile applications. The course also covers unique platform features and security services that make developers' lives easier – and create new difficulties for penetration testers. Starting from the ground up, the course discusses the underlying security philosophy of both major mobile platforms, consequent approaches to security mechanisms, developer choices and associated risks. You’ll get a quick start on analysing mobile applications both statically and using an emulator or physical device. Attendees will complete the course with all of the knowledge they need to get hands-on with real mobile applications and take their skills even further.

</aside>

<aside> 🗓️ Booking is open for classes: SEP 21+23 [WE,FR] EU/UK/SG time

</aside>

<aside> 💳 Book now, secure your seat, get your corporate invoice or an individual payment link, pay later! Via the booking/enrolment form or [email protected]

</aside>

def.dev | LinkedIn

<aside> 🗣️ Contact us with any additional questions. Let's settle your concerns :) by setting up a call (form) or via [email protected] or dm to @defdeveu or call +32476222722

</aside>

Description

Topics highlight

Audience

Who should attend the training:

Attendees will be provided with:

Objective

The masterclass is a practice focused hands-on training aiming to provide the audience with the necessary skills, the necessary intimate knowledge and battle proven experience that is inevitable to perform successful vulnerability exploitation of mobile applications. The training discusses the unique Android platform features and security services that make developer's lives easier but the work of a penetration tester's work harder at the same time. Starting from the ground up, the training discusses the underlying philosophy of both platforms, the consequent approaches for security mechanisms, developer choices and the associated risks.

Besides discussing the usual attack vectors for a mobile application (e.g. attacking the sandbox, the network traffic, trying to circumvent protection mechanisms that aim to detect being run on a tainted device etc.), the course provides information on how to get started, how to build a mobile application testing environment. We discuss the necessary equipment, emulators, simulators, other necessary (and not necessary but definitely useful) hardware and software requirements. We pay special attention on how to prepare hardware based testing equipment, i.e. how to root or jailbreak a device and how to get all the gear up and running.