Even wondered how different attacking a Mobile application would be, from a traditional web application? Gone are the days when knowledge of just SQL Injection or XSS could help you land a lucrative high-paying infoSec job.
This will be an introductory course on exploiting iOS and Android applications. The training will be based on exploiting Damn Vulnerable iOS app, Android-InsecureBankv2 and other vulnerable applications that are written by the trainers in order to give an in-depth knowledge about the different kinds of vulnerabilities in an Mobile applications. This course will also discuss how an attacker can compromise a mobile application. After the workshop, the students will be able to successfully pentest and secure applications running on the various operating systems.
The training will also include a CTF challenge in the end where the attendees will use their skills learnt in the training to solve the CTF challenges.
Below is the ToDo's for the attendees:
* 20+ GB free hard disk space
* 3+ GB RAM
* VMware player installed on the machine
* Latest version of Android SDK. To make sure the setup is right, follow all the steps on
https://github.com/dineshshetty/Android-InsecureBankv2/blob/master/Usage%20Guide.pdf* A jailbroken iPhone/iPad/iPod for iOS testing.
* If you are using a Mac machine, also download and install the latest version of Xcode.