Course Content
Mobile App Penetration Testing and Ethical Hacking
- The Attacker's View of the Mobile
- Overview of the Mobile Applications from a penetration tester's perspective
- Overview of the various mobile platform architectures
- Overview of different types of vulnerabilities
- How to define a mobile application test scope and process
- Types of mobile penetration testing
- Methodology to Improve Mobile Application Security
- Knowing your threats
- Securing the network, host and application
- Incorporating security into your software development process
- Mobile Application Security Policy
Mobile Threats, Attacks, Vulnerabilities, and Countermeasures
- Asset
- Threat
- Vulnerability
- Attack (or exploit)
- Countermeasure
- Application Threats / Attacks
Key Security Requirements in the Mobile Environment
- Certificate Storage/Management
- Storage/Management
- Digital Signature
- PIN/password protection
- Remote applet management
- Content storage/encryption
- Identity management
- Secure data exchange
- Authentication and Integrity management
Mobile Application Security, Penetration, and Secure Coding
- Mobile applications security testing
- Application penetration testing & ethical hacking
- Language-specific secure software development: Objective C, C/C++, Java/JEE, HTML5, ActionScript, Ruby, and CSS
- Digital Certificates, Digital Signatures, Keys, Trust Services, PKI, Keychain, Remote Transport Security, SSL and TLS
- Sensitive data unprotected at rest
- Buffer overflows and other C programming issues
- Secure communications to servers
- Patching your application
Mobile App Security Concepts
- Security in mobile app development platforms
- Overview of iOS security architecture
- Overview of Android security architecture
- Overview of Windows Phone 7 security architecture
- Security features of iOS and Android
- Keychain Services
- Security APIs in iOS and Android
- Assets, threats, and attacks
- Security Technical
- Security Testing
Securing Mobile Applications
- Access Applications
- VPN and Secure Storage of Data
- Protection of Downloaded and Broadcasted Content
- Mobile DRM
- Service and Content Protection for Mobile Broadcast Services
- Security Requirements
- Authentication Applications
- Extensible Authentication Protocol (EAP)
- Generic Bootstrapping Architecture (GBA)
- Public Key Infrastructure (PKI) and Certificate-based Authentication
- Identity Selection Applications
- Security and Trust Model of Identity Selector
- Mobile Applications Security Feature Requirement Matrix
- Overview of the infrastructure within the mobile application
- Overview of Wireless Networks: Access and Core
- Overview of Mobile Development Platforms
- Mobile platforms security architecture
- SSL/TLS/DTLS configurations and weaknesses
- Google and Facebook hacking
- Hacking Social Networks
Methods to Decompile Client-side Code
- Objective C
- C/C++
- Java
- HTML5
- ActionScript
- Ruby
- CSS
Various Vulnerabilities in Mobile Environments
- Information leakage
- Username harvesting
- Command injection
- SQL injection
- Blind SQL injection
- Session issues
- Hacking the keys
- Fuzzing
- Attacking Web services
- Malicious applets and objects
- Vulnerabilities in mobile applications through discovery of the client components
- Methods for attacking mobile services
- Methods to zombify browsers
- Using zombies to port scan or attack internal networks
- Explore attack frameworks
- Walk through an entire mobile attack scenario
- Exploit the various mobile app vulnerabilities
Advanced Mobile App Security Topics
- Application Threats / Attacks
- Input Validation
- Authentication
- Authorization
- Configuration management
- Sensitive information
- Session management
- Cryptography
- Parameter manipulation
- Exception management
- Auditing and logging
- Impact of Security on Performance
- Attack Types and Methods to Prevent them
- Buffer overflow
- Cross-site scripting
- SQL injection
- Canonicalization
- Network eavesdropping
- Brute force attack
- Dictionary attacks
- Cookie replay
- Credential theft
- Elevation of privilege
- Disclosure of confidential data
- Data tampering
- Luring attacks
- Unauthorized access to administration interfaces
- Unauthorized access to configuration stores
- Retrieval of clear text configuration data
- Lack of individual accountability
- Over-privileged process and service accounts
- Access sensitive data in storage
- Network eavesdropping; data tampering
- Session hijacking; session replay
- Man in the middle
- Poor key generation or key management
- Weak or custom encryption
- Query string manipulation
- Form field manipulation
- Cookie manipulation
- HTTP header manipulation
- Information disclosure; denial of service