AppSec USA 2016 has ended
Back To Schedule
Tuesday, October 11 • 9:00am - 5:00pm
Training Session - Mobile Application Exploitation iOS and Android Day 1 (2 Day)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Even wondered how different attacking a Mobile application would be, from a traditional web application? Gone are the days when knowledge of just SQL Injection or XSS could help you land a lucrative high-paying infoSec job.

This will be an introductory course on exploiting iOS and Android applications. The training will be based on exploiting Damn Vulnerable iOS app, Android-InsecureBankv2 and other vulnerable applications that are written by the trainers in order to give an in-depth knowledge about the different kinds of vulnerabilities in an Mobile applications. This course will also discuss how an attacker can compromise a mobile application. After the workshop, the students will be able to successfully pentest and secure applications running on the various operating systems.

The training will also include a CTF challenge in the end where the attendees will use their skills learnt in the training to solve the CTF challenges.

Below is the ToDo's for the attendees:

* 20+ GB free hard disk space 
* 3+ GB RAM 
* VMware player installed on the machine
* Latest version of Android SDK. To make sure the setup is right, follow all the steps on https://github.com/dineshshetty/Android-InsecureBankv2/blob/master/Usage%20Guide.pdf
* A jailbroken iPhone/iPad/iPod for iOS testing.
* If you are using a Mac machine, also download and install the latest version of Xcode.

avatar for Prateek Gianchandani

Prateek Gianchandani

Prateek Gianchandani, an OWASP member and contributor has been working in the infosec industry for about 5 years. During his five years, he has performed a number of penetration tests on mobile and web applications and even developed a lot of applications for the App Store. His core... Read More →
avatar for Dinesh Shetty

Dinesh Shetty

Sr Security Manager, Security Innovation
Dinesh leads the Mobile Security Testing Center of Excellence at Security Innovation. He has performed innumerable penetration tests on Web, Mobile and VoIP technologies - however his core area of expertise is Mobile and Embedded application pentesting and exploitation. He is an accomplished... Read More →

Tuesday October 11, 2016 9:00am - 5:00pm EDT
Meeting Room 14