TECH TRAINING 3 – Mobile Application Hackers Handbook: Live Edition

Early Bird (< 30th June): SGD1499

Normal (> 1st July): SGD1999

The course follows chapters 1-9 of the Mobile Application Hacker’s Handbook, with a strong focus on practical attacks. Over the 2-day training course delivered by the lead author of the book, delegates will learn the tricks and techniques to hack mobile applications on the iOS and Android platforms.

After a short introduction in to the subject, we delve in to the following core modules:

  • Introduction to Mobile Application Security Assessment (Chapter 1)
  • Analyzing iOS applications (Chapter 2)
  • How to attack iOS applications (Chapters 3-4)
  • Securing iOS applications (Chapter 5)
  • Understanding Android applications (Chapter 6)
  • Exploiting Android applications (Chapter 7-8)
  • Securing Android applications (Chapter 9)

Attendees will gain theoretical and practical experience of:

  • The security protections on iOS and Android devices
  • How iOS and Android devices are jailbroken or rooted
  • How to quickly and efficiently pinpoint and exploit vulnerabilities in iOS and Android apps
  • How to decompile, reverse and patch iOS and Android apps
  • How to hack webviews, client-side databases and the keychain
  • Instrument application runtimes using Frida, Cydia Substrate and Cycript
  • Exploitation of IPC mechanisms including content providers, URL handlers, application extensions, broadcasts, activities and intents
  • Practical exploitation of poorly implemented cryptography
  • Bypass security controls such as root or jailbreak detection
  • Real-world 2015 techniques used to defeat real apps on iOS8 and Lollipop!
  • Knowledge of defensive and remedial advice

Prerequisite Knowledge

  • A basic knowledge of programming and mobile security concepts.

Hardware / Software Requirements

  • Administrative access to the laptop and the ability to install a few tools, and disable personal firewalls or virus scanners should they get in the way of the lab exercises.
  • We strongly recommend a personal laptop ­ if your corporate laptop build is too restrictive this may affect your ability to participate in the course fully.
  • A laptop with the capability to connect to wireless and wired networks.
  • The laptop should be of a reasonable specification, we recommend at least 8GB of RAM with at least 16GB of disk space free.
  • Students require a player to run VirtualBox images.

Training
Location: Hotel Fort Canning Date: October 12, 2015 Time: 9:00 am - 6:00 pm Dominic Chell