DeepSec 2023 Training: Mobile Security Testing Guide Hands-On – Sven Schleier

Sanna/ June 5, 2023/ Training

Software cannot be tested by machines alone. In order to identify security weaknesses, you will need the right toolchain and expertise on how to use the tools. Therefore, we asked Sven Schleier to give you a two-day deep dive into mobile security testing. Embark on an exciting journey to master the art of hacking mobile apps! Join this course led by Sven Schleier, where you’ll learn how to analyze mobile apps for security vulnerabilities. With dynamic testing, static analysis, and reverse engineering techniques, you’ll uncover the secrets of app attacks. Dive into Android and iOS testing, using virtualized devices provided by Corellium. Each student will get a rooted Android and jail broken iOS instance for the duration of the training and the only pre-requisite is having a laptop with macOS, Windows, or Linux. Explore

Read More

DeepSec 2022 Training: Mobile Security Testing Guide Hands-On (Hybrid edition) – Sven Schleier

Sanna/ July 12, 2022/ Training

This course teaches you how to analyse Android and iOS apps for security vulnerabilities, by going through the different phases of testing, including dynamic testing, static analysis and reverse engineering. Sven will share his experience and many small tips and tricks to attack mobile apps that he collected throughout his career and bug hunting adventures. We asked Sven a few more questions about his training. Please tell us the top 5 facts about your training. Learn a holistic and consistent method for testing the security of mobile apps A full Penetration Test against iOS apps can also be done on a non-jailbroken device! Learn how to bypass Anti-Frida security controls in a mobile app with… FRIDA! Focus on hands-on exercises during the training with vulnerable apps build by the trainer You just need to

Read More

DeepSec 2021 Training: Mobile Security Testing Guide Hands-On – Sven Schleier

Sanna/ September 1, 2021/ Training

LIVE ONLINE TRAINING [Note: This training will be completely remote. This allows you to better plan your workshop commitments when booking tickets. You can also by a ticket for just attending this training (without access to the conference). In that case please write an e-mail to speaker@deepsec.net] Mobile apps are omnipresent in our lives and we are using more and more apps to support us, ranging from simple to complex daily tasks. Even though modern mobile operating systems like iOS and Android offer great functionalities to secure data storage and communication, these have to be used correctly in order to be effective. Data storage, inter-app communication, proper usage of cryptographic APIs and secure network communication are only some aspects that require careful consideration. The OWASP Mobile Security Testing Guide (MSTG) is a comprehensive manual

Read More