Ihr Partner für IT-Infrastruktur- und Securityschulungen seit über 20 Jahren.

Hacking Mobile Apps - Online Workshop

11. Mai 2022
12. Mai 2022
1990,00 EUR (zzgl. MwSt.)
Diesen Kurs buchen
Freie Plätze:
10 von 10
Herr Ahmad Abolhadid



A new two day course in English LIVE ONLINE

Hacking Mobile Apps

Your trainer is Ahmad Abolhadid


A webinar particpation is possible from any PC/lap top with a stable internet connection.
You don´t need additional software. We recommend to use Google Chrome if possilbe, alternatively Firefox and Edge On Chrome basis are possible. We recommend a direct internet connection. If access takes place via VPN there may qualitative restrictions which are outside our area of influence. Access to the training lab will take place via your browser. Exercises can be implemented without additional software. The workshop will of course be transmitted live from the ERNW studio. The course material as well as possible demos and of course the trainer is always visible and will be shown depending on the requirements or will be emphasized. We will provide the training material electronically before the start of the course. The trainer will answer questions live. A microfone and/or camera are optional. You can also ask questions via chat.



We start from scratch, therefore no prior experience in hacking nor development is required. This workshop combines what you need to learn hacking and pentesting of mobile apps. In addition to the 2 most popular types: android, iOS, this workshop discusses hybrid mobile apps, which get more popular every day. The workshop offers many demos and exercises. We use powerful online emulators that makes the online learning experience as real as possible.


Course Agenda


  • Types of Mobile Apps
  • Explanation of the course


General Mobile Apps Security

  • Introduction to Mobile Apps
  • General App Security Features
  • Sandboxing, IPC j...etc
  • Secure Development Life cycle
  • Introdution to penetration testing phases
  • Mobile OWASP Top 10


Hacking Android

  • Introduction to Android OS
  • Test environment setup
  • MitM with Burp suite
  • User experience
  • Android App’s storage
  • Exploiting Insecure Storage
  • Decompiling APK
  • App Components
  • Intents and intent filters
  • IPC vulnerabilities
  • Manual Code Analysis
  • Automatic Code scanning
  • Runtime Tampering using Frida


Hacking iOS

  • Introduction to iOS
  • Security features in iOS
  • Jailbreak
  • Test environment setup
  • MitM with Burp suite
  • Introduction to iOS Apps
  • iOS Data Storage
  • iOS insecure Storage
  • Side channel leaks
  • Demo: dumping decrypted version of app
  • IPC vulnerabilities
  • Runtime Manipulation using objection
  • Static Analysis


Hacking Hybrid Apps and API

  • Introduction to hybrid Apps
  • Overview of API OWASP Top 10
  • Introduction to SQL Injection
  • Exploting SQL Injection at mobile API
  • Introduction to XSS
  • Exploiting XSS in mobile apps
  • XSS attacks over IPC
  • Webviews
  • Webview vulnerabilities
  • Cordova security
  • Attacks on cordova apps
  • Further API attacks



All HM Training Solutions Seminars are available as On-Site presentations, tailored to meet the specific requirements of your organisation.

For details please telephone +49 (0) 6022 508 200


In this workshop you learn

  • The methodology of hacking mobile apps
  • OWASP Top 10 vulnerabilities of mobile apps
  • Static and dynamic analysis of mobile apps
  • The required tools to pentest and hack mobile apps
  • Attacking API of mobile apps
  • Using Frida to manipulate apps
  • Measures to secure your mobile apps


What we prepared for you

  • Dedicated chapters for android, iOS and hybrid apps
  • A Virtual Box Virtual machine that contains all required tools
  • Vulnerable apps developed specially for this workshop
  • Dedicated Emulators for exercises


Who Should Attend This Course

The workshop does not require any experience in hacking or coding. Everybody is welcome, including:

  • Penetration testers starting to hack mobile applications
  • Mobile application developers, who want to develop more secure apps
  • IT-Professionals transitioning to security
  • Anyone interested in mobile security


Course Requirements

Laptop with Virtual Box and at least 40GB of disk space, 6GB of RAM.

  • Your willingness to learn
  • (Optional) Microsoft Teams. You can also join the video conference using your browser


Speaker Biography

Your Trainer, Ahmad Abolhadid is a penetration tester and a security analyst at ERNW. He has a deep experience in pentesting mobile apps, web apps, infrastructure and other fields. Additionally, he develops mobile pentest tools such as AndroTickler. He also enjoys creating and giving workshops to exchange experiences. Furthermore, he has previous working experiences in the field of telecommunications. He also holds a Masters degree of CME from Hochschule Offenburg.





Dateien zum herunterladen

Diesen Kurs buchen: Hacking Mobile Apps - Online Workshop

Wenn Sie bereits registriert sind, bitte hier direkt einloggen




weitere Teilnehmer


* notwendige Angaben


englischsprachige IT-Security Online Trainings vom 18. Oktober 05. November



TLS in the Enterprise
Frieder Steinmetz, Dennis Heinze

Docker, Kubernetes & Security in Enterprise Environments
Kevin Kelpen, Florian Bausch, Sebastian Sartor

Hardening Microsoft Environments
René Mathes, Lennart Brauns

Hacking Mobile Apps
Ahmad Abolhadid

Hacking Bureaucracy
Greg Conti

Cloud Security Masterclass: Defender's Guide to Securing Public Cloud Infrastructure
Abhinav Singh

Hacking Enterprises - 2021 Edition
Will Hunt, Owen Shearing

Defending Enterprises
Will Hunt, Owen Shearing

Intrusion Analysis and Threat Hunting with Open Source Tools
Josh Stroschein

Reverse Engineering of Android Malware
Axelle Apvrille

Mastering Mimikatz and Kekeo
Carlos Perez






+49 6022 508-200
E-mail: info@hm-ts.de

HM Training Solutions
Falkenstraße 6
63820 Elsenfeld


Wenn Sie unsere Newsletter erhalten möchten, tragen Sie hier Ihren Daten ein.
Ich akzeptiere die Allgemeinen Geschäftsbedingungen und die Datenschutzerklärung