Study at your own pace
MASPT comes with life-time access to course material and exercises on Mobile application security.
MASPT v2
Mobile Application Security and Penetration Testing
Iscriviti per ottenere l'accesso al nostro materiale formativo e ai laboratori!
Extremely Hands-on
Practice Mobile Application Security and Penetration Testing against a number of real world mobile applications that you can download and play with at any time.
Become Certified
Obtain the eMAPT certification and prove your practical skills with the only 100% practical certification on Mobile Application Security and Penetration Testing
Dai un'occhiata al corso
- Start from iOS and Android architectures basics
- Exposes Android and iOS vulnerabilities in-depth
- Covers mobile OSs security mechanisms and implementations
- Covers Mobile applications reverse engineering
- In depth mobile applications static and dynamic analysis
- Practice on real world mobile applications
- Build your own home lab on mobile application security
- Provides you the skills necessary to peform Penetration tests of mobile applications
- Covers: APKTool, Dex2Jar, GDB Debugger, Cycript and many others
- After obtaining the eMAPT certification qualifies you for 40 CPE
Materiale del corso
4 hours of video training material
21 highly technical modules- 26 apps to practice with
Fruizione del corso
Self-paced
Off-line access available
Access from PC, Tablet and Smartphone
Prova il corso gratuitamente
Syllabus
Sezione: Android
- Modulo 1 : Android: Android Architectures
Before we dive into Security and Penetration Testing, we will introduce you to the Android environment. There are few key concepts you should be familiar with before we get started.
- Modulo 2 : Android: Setting up a Testing Environment
Prior to diving into Android Application Security, we need to have a means to examine, build, debug and run applications. For these purposes, we’ll need to install the Android Studio IDE (Integrated Development Environment).
- Modulo 3 : Android: Android Build Process
Understanding how Android Studio compiles the code and resources into a working Android application will help you better understand how all the pieces fit together. This will also provide insight into the protection employed to guarantee the authenticity of applications and circumstances by which they can be rendered meaningless.
- Modulo 4 : Android: Reversing APKs
In this section, we’ll discuss the process of reversing Android applications. This is an important skill for anyone who wants to audit the security of third-party applications where the source code is unavailable.
- Modulo 5 : Android: Device Rooting
Rooting is a process by which one obtains “root” or system level access to an Android device. In this module you will learn why it can be important for our security tests but also which are the implications of rooting a device.
- Modulo 6 : Android: Android Application Fundamentals
In order to perform a thorough pentest on Android application you must know and master all its components. In this module you will study all the fundamental concepts and topics that you may encounter during your security test tasks
- Modulo 7 : Android: Network Traffic
Mobile devices are unique in how they use networks, being almost exclusively wireless and often bouncing between cellular and Wi-Fi networks. To lower cellular data traffic, some cellular carriers provide Wi-Fi hotspots for their customers. Bad guys know this and will often set up fake Wi-Fi networks, tricking the devices into connecting. In this module you will learn how to configure your environment in order to inspect and analyze network traffic.
- Modulo 8 : Android: Device and Data Security
How securely data is stored on mobile devices has become a hot topic lately. In fact, Insecure Data Storage is second most common vulnerability, according to the OWASP Mobile Top Ten.
- Modulo 9 : Android: Tapjacking
If you are familiar with Clickjacking in web applications, you’re already familiar with the basic concepts of Tapjacking. In a Tapjacking attack, a malicious application is launched and positions itself atop a victim application. In this module you will see some example of Tapjacking, but also how to properly develop an Application to solve this issue.
- Modulo 10 : Android: Static Code Analysis
Static Code Analysis is a process for programmatically examining application code on disk, rather than while it is running. There are numerous scientifically rigorous approaches to the problems of validating that code is free of errors. In this module you will learn how to perform security tests on Android application by using different static code analysis.
- Modulo 11 : Android: Dynamic Code Analysis
Dynamic Code Analysis is the process by which code is reviewed for vulnerabilities by actually executing some or all of the code. This execution could occur in a normal environment, virtualized environment or a debugger. This type of inspection also allows you to directly observe network requests, interactions with other applications and the results of any error conditions encountered.
Sezione: iOS
- Modulo 1 : iOS: iOS Architecture
To understand the iOS ecosystem, we need to realize that iOS operating system is based on Darwin OS, which was originally written by Apple in C, C++ and Objective-C. Darwin is also at the heart of OSX, and thus OS X and iOS share some common foundation.
- Modulo 2 : iOS: Device Jailbreaking
Jailbreaking is the process of actively circumventing/removing such restrictions and other security controls put in place by the operating system. This allows users to install unapproved apps (apps not signed by a certificate issued by Apple) and leverage more APIs, which are otherwise not accessible in normal scenarios.
- Modulo 3 : iOS: Setting up a Testing Environment
Before we proceed, it is important to understand a few fundamental concepts unique to apple ecosystem, and more precisely related to the iOS app development process. Apple provides simulators for different hardware and iOS versions.
- Modulo 4 : iOS: iOS Build Process
In this module you will learn how the iOS build process works and what are the differences between running an application on a device or the emulator.
- Modulo 5 : iOS: Reversing iOS Apps
There is an incentive for an attacker to examine and understand how the software works, so that they can then look for further weak spots or patch/manipulate those binaries to their advantage. In this module you will see which are the most used techniques and tools to successfully reverse iOS application.
- Modulo 6 : iOS: iOS Application Fundamentals
In order to perform a thorough pentest on iOS applications you must know and master all its components. In this module you will study how applications are composed and what each component is useful for.
- Modulo 7 : iOS: iOS Testing Fundamentals
In this module you will start running your security tests against iOS Applications. Depending on the target of your tests, you will learn different techniques and use multiple tools to reach your goal.
- Modulo 8 : iOS: Network Traffic
In this module you will learn how to configure your environment in order to inspect and analyze network traffic.
- Modulo 9 : iOS: Device Administration
iOS 6 and later versions, have a built in support for powerful device management capability with fine grain controls that allows an organization to control the corporate apple devices and data stored on it. In this module you will see which options organizations have to get clear visibility into all the active devices, ensure that the devices are in compliance, that the software running on these devices is up to date and much more.
- Modulo 10 : iOS: Dynamic Analysis
There is a certain class of applications, that has significant amount of client side logic built into it. Typical examples include word-processing software, image editors, games, utilities etc. In such cases, there is an incentive for attackers to be able to examine and understand how the software works, so that they can then look for further weak spots in the application or bypass restrictions that are applied locally.
Pre-requisiti
- Basic knowledge of programming fundamentals.
- Basic knowledge of programming languages such as Java and Objective-C/Swift.
- OSX El Capitan and an iOS (version 8.3) device such as iPod, iPhone, iPad required for some of the iOS topics.
- Basic security concepts such as : cryptography, reverse engineering, SQL injections and web tools such as Wireshark and OWASP ZAP (or Burp)
Questo corso di formazione è per...
- Penetration testers
- Forensers
- Mobile App Developers
- IT personnel
Laboratori
During the Mobile Application Security and Penetration Testing course you will have to deal with several guided labs and exercises that will help you to improve your mobile pentesting skills.
These labs are Android and iOS applications that you have to test in order to apply the techniques explained and reach the final goal. Depending on the lab you will be provided with the application installer or the source code of the application.
During your tests you will have to: Install, run and test each application, Find security issues, Develop a Proof-of-Concept (PoC) exploit for each issue found
| Lab ID | Descrizione | Categoria |
|---|---|---|
| Lab 1 | StartingLab | Android |
| Lab 2 | Locating Secrets | Android |
| Lab 3 | Bypass Security Controls | Android |
| Lab 4 | Obfuscation | Android |
| Lab 5 | Outlook | Android |
| Lab 6 | UberCab | Android |
| Lab 7 | PinTester | Android |
| Lab 8 | PatchMe | Android |
| Lab 9 | Insecure External Storage | Android |
| Lab 10 | ReadExternalStorage (InsecureExternalStorage Exploit POC) | Android |
| Lab 11 | Tapjacking | Android |
| Lab 12 | GoatDroid | Android |
| Lab 13 | InjectMe | Android |
| Lab 14 | FileBrowser | Android |
| Lab 15 | FileBrowserExploit (FileBrowser Exploit POC) | Android |
| Lab 16 | NoteList | Android |
| Lab 17 | Leack Result | Android |
| Lab 18 | Vulnerable Receiver | Android |
| Lab 19 | Silly Service | Android |
| Lab 20 | WeakWallet | Android |
| Lab 21 | Starting Lab | iOS |
| Lab 22 | eLS_LogIn (Reverse Engineering Lab) | iOS |
| Lab 23 | eLS_LogIn (Dynamic Analysis Lab) | iOS |
| Lab 24 | eLS_LogIn2 | iOS |
| Lab 25 | Secure OTP generator | iOS |
| Lab 26 | SSL pinning iOS | iOS |
Certificazione
Get eMAPT Certification
eLearnSecurity's eMAPT (eLearnSecurity Mobile Application Penetration Tester) certification is the only certification that proves that you know Mobile Application Security and Penetration Testing in practice.Istruttori
Dimitrios BougioukasDimitrios Bougioukas is a Senior IT Security researcher and instructor at eLearnSecurity and holds a B.Sc. in Computer Science from the Athens University of Economics and Business. For the past 4 years, he has worked as a Business Information Security Engineer and Information Security Analyst for a major financial institution and as a penetration tester within EY's practice. Dimitrios specializes in advanced cyber threat simulation, threat intelligence and purple team tactics. He has been engaged on numerous penetration testing activities against critical infrastructure, web applications and mobile applications. In terms of research, Dimitrios has presented at information security conferences such as BSides and has received acknowledgements from security, telecom and other major companies for finding and reporting vulnerabilities in their web applications, in a responsible manner (IBM Trusteer, LG etc.). In the context of his professional career, his work led to international and regional information security awards in prestigious and highly competitive contests such as Retail Banker International Awards.
Anthony TrummerTony is the Director of Security Engineering in Tinder and has 20 years IT experience, including network engineering/security, systems administration, consulting and application security. He is recognized in the Android Security Acknowledgements and numerous responsible disclosure programs, such as Microsoft, Yahoo, WordPress and Uber. He is also the creator and core contributor to QARK. Speaker/Presenter: DefCon, Wall of Sheep, Black Hat London, Black Hat USA, BSides Las Vegas, DeepSec, Hack-in-The-Box, AppSec California and AppSec USA
Tushar DalviTushar is a security enthusiast, and currently works as a Senior Information Security Engineer at LinkedIn. He specializes in the area of application security, with a strong focus on vulnerability research and assessment of mobile applications. Previously, Tushar has worked as a security consultant at Foundstone Professional Services (McAfee) and as a Senior developer at ACI Worldwide.
Francesco StillavatoHis experience spans from web application secure coding to secure network design. He has contributed to the Joomla project as a Developer and has conducted a number of assessments as a freelance. Francesco Stillavato's research is now focused on Mobile Application Penetration Testing on Android and iOS. Publications: Francesco is the co-author of the Penetration testing course Professional, Mobile Application Security and Penetration Testing, Penetration Testing Student and author of all Hera Lab scenarios.
Iscriviti per ottenere l'accesso al nostro materiale formativo e ai laboratori!