Mobile App Security Fails and How To Survive Them

Offered By: WEareTROOPERS via YouTube

Course Description

Overview

Explore mobile app security vulnerabilities and defense strategies in this TROOPERS18 conference talk. Delve into the mobile top 10 security risks, including improper platform usage, insecure communication, and insufficient cryptography. Examine real-world cases involving Tinder, Strava, and Twilio. Learn about Android code reverse engineering techniques, sandbox bypasses, and exploiting shared preferences. Investigate PIN lock vulnerabilities, photo vault weaknesses, and ADB backup risks. Discover mobile payment app security issues and understand the importance of application security verification standards. Gain insights on implementing effective control categories to enhance mobile app security.

Syllabus

Intro
Who is Gustavo
How did this talk start
The first mobile top 10
Improper platform usage
Insecure communication
Insecure identification and authorization
Insufficient cryptography
Client code quality
Binary patching
Reverse engineering
Extravagant functionality
Cases in the news
Tinder
Strava
Twilio
Mobile Banking App
Android Code Reverse
Verify Resource
Give Me The Pin
Sandbox
Shared Preferences
Pin Lock
Local Pins
Backups
ADB
Pinlock
Photo Vault
Android Photo Vault
Adb Backup
Backup Findings
Another Pin Bypass
Class Dumping
Boid Methods
Code Injection
Mobile Payment App
Mobile Application Security
ASVS
Control Categories
Conclusion
Is Android better than iOS


Taught by

WEareTROOPERS
