Runtime Manipulation of Android and iOS Applications - Mobile Security Testing
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore runtime manipulation techniques for Android and iOS applications in this conference talk from AppSecUSA 2014. Delve into powerful tools and methods for runtime analysis, memory manipulation, and binary analysis to enhance mobile application security testing skills. Learn about cycript, snoop-it, jdb, and other tools for runtime manipulation and memory analysis. Gain insights into iOS execution flow, method swizzling, memory dumping, and Android decompiling. Discover how to improve mobile security testing results and better understand security controls in mobile applications. Suitable for pen testers and security professionals looking to expand their mobile security toolbox.
Syllabus
Intro
Runtime Analysis and Manipulation
Runtime Analysis: Android
Runtime Analysis: iOS
Snoop-it Features
IOS Execution Flow
Cycript Common Functions
Cycript Method Swizzling
Memory Dumping and Analysis
Memory Analysis: Android
Memory Analysis: iOS
IOS Binary Analysis
Disassembler
Other Tools..
Android: Decompiling
Example: Android Decompiling
Example: Decompile & Re-compile
Taught by
OWASP Foundation
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent