DeepSec 2025 Training: The Mobile Playbook – A Guide to iOS and Android App Security (hybrid – in person or online) – Sven Schleier
This intensive two-day course equips you with practical skills for identifying and exploiting vulnerabilities in mobile apps across both Android and iOS. You’ll analyze a mix of real-world apps and custom training apps using tools like Frida, Burp Suite, jadx and other open-source tools. By the end of the training, you’ll know how to: intercept and analyze any type of network traffic in mobile apps, even when SSL pinning is used, bypass protection mechanisms such as root/jailbreak detection, decompile APKs and perform manual source code reviews, reverse engineer Swift-based iOS applications and apply a thorough methodology based on the OWASP Mobile Application Security Testing Guide (MASTG). The labs cover static and dynamic analysis, reverse engineering, and Software Composition Analysis (SCA), all through hands-on exercises. No need to bring your own devices — each participant