This course will focus on the techniques and tools for testing the security of Android mobile applications. During this course the students will learn about important topics such as the Android Security model, the Android runtime, how to perform static analysis, traffic manipulation, memory dumps, debugging , code modification and dynamic analysis – from zero knowledge of the APK to full exploitation. Students of this course will learn how to operate and make the best of the AppUse custom VM for Android application penetration testing, from its own creators.
By taking this course you will be able to perform penetration testing on Android mobile applications and expose potential vulnerabilities in the tested application such as insecure storage, traffic manipulation, malicious intents, authentication and authorization problems, client side SQLi, bad cryptography, and more.
Members of the security / software development team:
Before attending this course, students should be familiar with:
Please make sure that each machine has:
Erez Metula is a world renowned application security expert, spending most of his time finding software vulnerabilities and teaching developers how they should avoid them. Erez has an extensive hands-on experience performing security assessments, code reviews and secure development trainings for worldwide organizations, and had previously talked at international security conferences such as BlackHat, Defcon, OWASP, RSA, SOURCE, CanSecWest and more. His latest research on Managed Code Rootkits, presented at major conferences throughout the world, was published recently as a book by Syngress publishing. He is the founder of AppSec Labs, where he focuses on advanced application security topics. Erez holds an MSc in computer science and he is CISSP.