DeepSec Training: Improve your Pen-Testing Skills for Mobile Devices

René Pfeiffer/ September 29, 2023/ Conference, Training/ 0 comments

Mobile devices are a common tool for businesses and private users. We have become accustomed to carry Internet-enabled devices with us. How do you test if your device is secure? What is the best way to find security weaknesses? Mobile security testing requires different tools and different knowledge of the platform and the applications involved. DeepSec 2023 offers a training to get you started with pen-testing all things mobile. The focus is on Android and iOS apps. Sven Schleier will help you to analyse apps, intercept network traffic, and to identify weaknesses that can be turned into exploits. The course is a deep-dive into mobile technology. It also helps you when you need to bypass SSL pinning, Touch ID, Face ID, or similar barriers. Circumventing anti-jailbreaking technologies are covered, too. The skills are absolutely

Read More

DeepSec 2018 Training: Advanced Penetration Testing in the Real World – Davy Douhine & Guillaume Lopes

Sanna/ September 24, 2018/ Conference, Security, Training

Guillaume and Davy, senior pentesters, will share many techniques, tips and tricks with pentesters, red teamers, bug bounty researchers or even defenders during a 2-day 100% “hands-on” workshop. This is the very training you’d like to have instead of wasting your precious time trying and failing while pentesting. The main topics of the training are: Buffer overflow 101: Find and exploit buffer overflows yourself and bypass OS protections. (A lot of pentesters don’t even know how it works. So let’s have a look under the hood); Web exploitation: Manually find and exploit web app vulnerabilities using Burpsuite. (Yes, running WebInspect, AppScan, Acunetix or Netsparker is fine but you can do a lot more by hand); Network exploitation: Manually exploit network related vulnerabilities using Scapy, ettercap and Responder. (Because it works so often when doing

Read More

DeepSec2017 Workshop: Mobile App Attack – Sneha Rajguru

Sanna/ October 16, 2017/ Conference, Training

The world’s gone mobile. Mobile devices have surpassed the standard computer (i.e. desktop) installation multiple times. In turn this means that you will encounter these devices most definitely when testing or implementing security measures. Usually adversaries do not use the platform itself. They use software to gain entry. This is why mobiles apps are the most preferred way of delivering the attacks today. Understanding the finer details of mobile app attacks is soon becoming an essential skill for penetration testers as well as for the app developers & testers. This is why we have a special training for you at DeepSec 2017. So, if you are an Android or an iOS user, a developer, a security analyst, a mobile pen-tester, or just a mobile security enthusiast the training ‘Mobile App Attack’ is of definite

Read More