This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Tuesday, October 11 • 9:00am - 5:00pm
Training Session - Mobile Application Exploitation iOS and Android Day 1 (2 Day)

Sign up or log in to save this to your schedule and see who's attending!

Even wondered how different attacking a Mobile application would be, from a traditional web application? Gone are the days when knowledge of just SQL Injection or XSS could help you land a lucrative high-paying infoSec job.

This will be an introductory course on exploiting iOS and Android applications. The training will be based on exploiting Damn Vulnerable iOS app, Android-InsecureBankv2 and other vulnerable applications that are written by the trainers in order to give an in-depth knowledge about the different kinds of vulnerabilities in an Mobile applications. This course will also discuss how an attacker can compromise a mobile application. After the workshop, the students will be able to successfully pentest and secure applications running on the various operating systems.

The training will also include a CTF challenge in the end where the attendees will use their skills learnt in the training to solve the CTF challenges.

Below is the ToDo's for the attendees:

* 20+ GB free hard disk space 
* 3+ GB RAM 
* VMware player installed on the machine
* Latest version of Android SDK. To make sure the setup is right, follow all the steps on https://github.com/dineshshetty/Android-InsecureBankv2/blob/master/Usage%20Guide.pdf
* A jailbroken iPhone/iPad/iPod for iOS testing.
* If you are using a Mac machine, also download and install the latest version of Xcode.

avatar for Prateek Gianchandani

Prateek Gianchandani

Prateek Gianchandani, an OWASP member and contributor has been working in the infosec industry for about 5 years. During his five years, he has performed a number of penetration tests on mobile and web applications and even developed a lot of applications for the App Store. His core focus area is iOS application pentesting and exploitation. He is also the author of the open source vulnerable application named Damn Vulnerable iOS app. He has... Read More →
avatar for Dinesh Shetty

Dinesh Shetty

Security Innovation
Dinesh leads the Mobile Security Testing Center of Excellence at Security Innovation. He has performed innumerable penetration tests on Web, Mobile and VoIP technologies - however his core area of expertise is Mobile and Embedded application pentesting and exploitation. He is an accomplished author and speaker, and his research has been published in multiple security zines and sites like Packet Storm, Exploit-DB, PenTest Magazine... Read More →

Tuesday October 11, 2016 9:00am - 5:00pm
Meeting Room 14

Attendees (18)