Category: Mobile App Security

08 May 2019

Exploiting & Securing Mobile Apps – A Penetration Testing Training

This action packed training course is focused around teaching the attendees with skills required to perform penetration testing of Android & iOS applications in real world. The training is given using real world like application as the target, especially designed for this training purpose.

The course includes extremely unique, real world vulnerabilities. The attendees will be understanding the concept behind each vulnerability, and then exploiting the vulnerability on the target application. The flow of the course is designed in a way which ensures that the attendees understand each concept and are able to discover and exploit the vulnerabilities themselves. Training includes some of the unique vulnerabilities discovered and exploited on the famous mobile applications.

Download Detailed Training Agenda

Some of the vulnerabilities and topics covered in the training include: 

  • Static analysis to remote code execution
  • Static analysis to application compromise
  • User detail compromise through broadcast
  • Insecure file storage, leading to full account takeover (Android & iOS)
  • Insecure application components and exploitation
  • Insecure application screens and exploitation
  • Unintended sensitive data leakage
  • Bypassing application logic (logical vulnerability)
  • Deep linking and exploitation
  • Hacking mobile APIs (vulnerabilities in API)
  • Reverse engineering the application
  • Performing static and dynamic analysis on the application
  • Finding and exploiting real world vulnerabilities
  • Several Frida-tools use cases
  • Bypassing security controls like SSL pinning, root detection, obfuscation etc
  • Attacking APIs for vulnerabilities

Unique benefits of this training: 

  • Get practical hands-on training on real world like android and iOS apps
  • Learn finding and exploiting critical mobile application vulnerabilities 
  • Get access to training content like pdfs, guides, exploit codes, lab applications
  • Get access to virtual machine pre-installed with all needed tools (mostly for android) 

Details about the training

Training name : EXPLOITING & SECURING MOBILE APPS – A PENETRATION TESTING TRAINING

Training date: 29th – 30th June 2019

Training Timing: 10:00 AM – 5 PM

Training Venue: 

  • New Delhi, India (Exact venue to be shared with registered students)
  • Virtual Conferencing (for delegates to join remotely)

Discounts:

Discounts are only available on group booking.

  • Group registration of 3+ people: 10% discount
  • Group registration of 5+ people: 15% discount

Contact us at hello@enciphers.com for availing this discount.

Book Your Seat now.

Having issues while booking? Visit the Event booking page here

Terms and Conditions:

  • Pass prices are exclusive of taxes and gateway charges.
  • Passes are non-refundable & non-transferable.
  • In case of event cancellation, we will inform the attendees at least one weeks before the actual training date.
  • Registration fees does not include the cost of travel and accommodation of delegates. All delegates are requested to make their own arrangements and any associated fees for any other availability of services.
  • Delegates/attendees are expected to have the prerequisite ready for the training, before the training date.
29 Oct 2018

Workshop on DISCERNING HIGH IMPACT MOBILE APPS VULNERABILITIES at Bsidesdelhi on 25th Oct

About Conference
Bsidesdelhi is a event where professionals, experts, researchers, and InfoSec enthusiasts come together to discuss on information security.

 

Workshop highlights

This workshop was about High Impact Security Vulnerabilities in android and ios application.Workshop was focused on teaching how to test a mobile for some of the high impact security vulnerabilities and how to fix them.it was having good mix of presentations ,demos and hands on practicals on a VPS which was provided to attendees.

and some of the Vulnerability case studies were discussed why they exist, how to test such issues and fix them.

It was an awesome experience with attendees and Thanks for joining the workshop.
Hope to see you at Advance Level Web Hacking a part of “Art of Hacking” Series on 16 dec want to join the workshop check out the enciphers blog post about Advance Web Hacking.