On This Page

0x7DF Mobile Application Bootcamp - Journeyman Level

SensePost | August 1-2 & 3-4



Overview

This journeyman course presents you with a hands on introduction into testing mobile applications. The course aims to be as platform agnostic as possible and will provide you with the skills to get started with mobile application security testing. The methodology taught during this course allows students to apply their skills across a wide range of platforms, and provides the knowledge needed to apply security best practices to mobile application development.

Course Topics include:

1. Building Your Own Penetration Testing Platform
Having access to the right tools and platforms is key when testing mobile applications. Here we help students create the ultimate mobile testing platform and delve into hardware and emulators usage, common tools that work and intercepting the stream between mobile device and the Internet.

2. Mobile Application Analysis
Your lab is ready and you want to test the latest mobile phone application for vulnerabilities, but what next? This module starts with how you'd perform information gathering, looking at storage on the device, iOS/Android security and how you can test for weaknesses.

3. Testing Fundamentals
Being methodical when testing any application is key. We discuss authentication, authorisation, session management and storage and how they could all yield potential vulnerabilities.

The class is a mixture of lectures, hands-on and a final CULEX where you get to tear apart real-world mobile applications.

Who Should Take this Course

This course is ideal for those wanting to learn how attackers are compromising mobile platforms and applications, or penetration testers who are new to mobile platform and device penetration testing.

Student Requirements

Students need to ensure they have the necessary level of skill. No hacking experience is required for this course, but students should have a solid technical grounding and exposure to basic application development and coding.

Students should ideally have some development understanding and the ability to read code.

What Students Should Bring

  • Laptop with at least 4GB RAM and 20 GB free space
  • Working USB port
  • Devices will be supplied but if you wish to bring your own, by all means do

What Students Will Be Provided With

All course materials, code, and applications will be supplied.

Trainers

All SensePost trainers are active penetration testers who own networks, applications, mobiles and humans on a daily basis.