Ihr Partner für IT-Infrastruktur- und Securityschulungen seit über 20 Jahren.

Hacking Mobile Apps - Online Workshop

Beginn:
11. Mai 2022
Ende:
12. Mai 2022
Kurs-Nr.:
M09-22-05
Preis:
1990,00 EUR (zzgl. MwSt.)
Ort:
online
Diesen Kurs buchen
Freie Plätze:
10 von 10
Trainer:
Herr Ahmad Abolhadid

Beschreibung

M09

A new two day course in English LIVE ONLINE

Hacking Mobile Apps

Your trainer is Ahmad Abolhadid

 

A webinar particpation is possible from any PC/lap top with a stable internet connection.
You don´t need additional software. We recommend to use Google Chrome if possilbe, alternatively Firefox and Edge On Chrome basis are possible. We recommend a direct internet connection. If access takes place via VPN there may qualitative restrictions which are outside our area of influence. Access to the training lab will take place via your browser. Exercises can be implemented without additional software. The workshop will of course be transmitted live from the ERNW studio. The course material as well as possible demos and of course the trainer is always visible and will be shown depending on the requirements or will be emphasized. We will provide the training material electronically before the start of the course. The trainer will answer questions live. A microfone and/or camera are optional. You can also ask questions via chat.

 

Description

We start from scratch, therefore no prior experience in hacking nor development is required. This workshop combines what you need to learn hacking and pentesting of mobile apps. In addition to the 2 most popular types: android, iOS, this workshop discusses hybrid mobile apps, which get more popular every day. The workshop offers many demos and exercises. We use powerful online emulators that makes the online learning experience as real as possible.

 

Course Agenda

Introduction

  • Types of Mobile Apps
  • Explanation of the course

 

General Mobile Apps Security

  • Introduction to Mobile Apps
  • General App Security Features
  • Sandboxing, IPC j...etc
  • Secure Development Life cycle
  • Introdution to penetration testing phases
  • Mobile OWASP Top 10

 

Hacking Android

  • Introduction to Android OS
  • Test environment setup
  • MitM with Burp suite
  • User experience
  • Android App’s storage
  • Exploiting Insecure Storage
  • Decompiling APK
  • App Components
  • Intents and intent filters
  • IPC vulnerabilities
  • Manual Code Analysis
  • Automatic Code scanning
  • Runtime Tampering using Frida

 

Hacking iOS

  • Introduction to iOS
  • Security features in iOS
  • Jailbreak
  • Test environment setup
  • MitM with Burp suite
  • Introduction to iOS Apps
  • iOS Data Storage
  • iOS insecure Storage
  • Side channel leaks
  • Demo: dumping decrypted version of app
  • IPC vulnerabilities
  • Runtime Manipulation using objection
  • Static Analysis

 

Hacking Hybrid Apps and API

  • Introduction to hybrid Apps
  • Overview of API OWASP Top 10
  • Introduction to SQL Injection
  • Exploting SQL Injection at mobile API
  • Introduction to XSS
  • Exploiting XSS in mobile apps
  • XSS attacks over IPC
  • Webviews
  • Webview vulnerabilities
  • Cordova security
  • Attacks on cordova apps
  • Further API attacks

 

HM TRAINING SOLUTIONS ON-SITE SERVICE

All HM Training Solutions Seminars are available as On-Site presentations, tailored to meet the specific requirements of your organisation.

For details please telephone +49 (0) 6022 508 200

 

In this workshop you learn

  • The methodology of hacking mobile apps
  • OWASP Top 10 vulnerabilities of mobile apps
  • Static and dynamic analysis of mobile apps
  • The required tools to pentest and hack mobile apps
  • Attacking API of mobile apps
  • Using Frida to manipulate apps
  • Measures to secure your mobile apps

 

What we prepared for you

  • Dedicated chapters for android, iOS and hybrid apps
  • A Virtual Box Virtual machine that contains all required tools
  • Vulnerable apps developed specially for this workshop
  • Dedicated Emulators for exercises

 

Who Should Attend This Course

The workshop does not require any experience in hacking or coding. Everybody is welcome, including:

  • Penetration testers starting to hack mobile applications
  • Mobile application developers, who want to develop more secure apps
  • IT-Professionals transitioning to security
  • Anyone interested in mobile security

 

Course Requirements

Laptop with Virtual Box and at least 40GB of disk space, 6GB of RAM.

  • Your willingness to learn
  • (Optional) Microsoft Teams. You can also join the video conference using your browser

 

Speaker Biography

Your Trainer, Ahmad Abolhadid is a penetration tester and a security analyst at ERNW. He has a deep experience in pentesting mobile apps, web apps, infrastructure and other fields. Additionally, he develops mobile pentest tools such as AndroTickler. He also enjoys creating and giving workshops to exchange experiences. Furthermore, he has previous working experiences in the field of telecommunications. He also holds a Masters degree of CME from Hochschule Offenburg.

 

 

 

 

Dateien zum herunterladen


Diesen Kurs buchen: Hacking Mobile Apps - Online Workshop

Wenn Sie bereits registriert sind, bitte hier direkt einloggen

Einzelpreis

Teilnehmerdaten

Teilnehmeradresse

weitere Teilnehmer

Rechnungsadresse

* notwendige Angaben

Tags

TROOPERS
englischsprachige IT-Security Online Trainings vom 18. Oktober 05. November

 

Trainings:

TLS in the Enterprise
Frieder Steinmetz, Dennis Heinze

Docker, Kubernetes & Security in Enterprise Environments
Kevin Kelpen, Florian Bausch, Sebastian Sartor

Hardening Microsoft Environments
René Mathes, Lennart Brauns

Hacking Mobile Apps
Ahmad Abolhadid

Hacking Bureaucracy
Greg Conti

Cloud Security Masterclass: Defender's Guide to Securing Public Cloud Infrastructure
Abhinav Singh

Hacking Enterprises - 2021 Edition
Will Hunt, Owen Shearing

Defending Enterprises
Will Hunt, Owen Shearing

Intrusion Analysis and Threat Hunting with Open Source Tools
Josh Stroschein

Reverse Engineering of Android Malware
Axelle Apvrille

Mastering Mimikatz and Kekeo
Carlos Perez

 

https://troopers.de/tickets

 

VIDEOS

Kontakt

+49 6022 508-200
E-mail: info@hm-ts.de

HM Training Solutions
Falkenstraße 6
63820 Elsenfeld

Newsletter

Wenn Sie unsere Newsletter erhalten möchten, tragen Sie hier Ihren Daten ein.
Ich akzeptiere die Allgemeinen Geschäftsbedingungen und die Datenschutzerklärung