Android & iOS Application Vulnerability Assessment & Penetration Testing Training. 2-Day hands-on workshop on VAPT of Android & iOS Applications




Course Title
  Workshop on VAPT of Android & iOS Applications

Course Description
  Introduces Android & iOS security controls.
  Introduces threats on the Android & iOS platform.
  Provides guidance on analyzing, reverse engineering, and decompiling Android applications.
  Provides guidance on jailbreaking, static analysis, and dynamic analysis of iOS.
  Malwares on iOS.
  Includes hands-on lab exercises on application development, penetration testing and reverse engineering of an Android and iOS application.

Delivery Type
  Deep Dive Hands-On Technology Workshop
  The course includes practical hands-on exercises that enable you to test your acquired skills during the workshop and understand their usage in a live environment.
  Participants will be required to come with their own laptops and internet connection.

Delivery Method
  Instructor-led hands-on workshop
  The team of instructors flies down to the premises of the organization to deliver the workshop.

Contact Hours of Training: 12 Hours
Number of Days: 2 Days
Number of Trainers: 2
Practical : Theory Ratio: 7:3
Ideal Batch Size: 16 to 24 individuals

Course Objective
  At the end of this course, attendees will be able to:
  Identify specific threats and risks associated with the Android & iOS mobile platform.
  Perform Vulnerability Assessment on the Android & iOS platform.
  Perform a hands-on penetration test and reverse engineer an Android application.

Who Should Attend?
  Android & iOS Application Developers
  IT & IT Security Professionals
  Mobile Application Vulnerability Analyst
  Mobility, Mobile Security & Operations Team

Hands-On
  The course includes practical hands-on exercises that enable you to test your acquired skills during the workshop and understand their usage in a live environment.

Take Away
  Lucideus Mobile Security Toolkit: Practical Toolkit (DVD) with tools used during the workshop, white papers, and other support software.
  Mobile Security Cook-Book: Android Security Cook Book containing detailed specifics of the contents of the training.

Certification
  Participants will be evaluated at the end of the workshop and will be provided with the Lucideus Certified Mobile Application Security Analyst (LCMASA) certificate if they score above 60% in the examination.
  Each participant will get the participation certificate.

Course Outline: Day One (6 Hours)

INTRODUCTION
  Introduction & Lab Setup
  Introduction to Android Security
  Challenges to development
  Insecure Data Storage
  Weak Server Side Control
  Insufficient Transport Layer Protection
  Authorization & Authentication
  Session Handling
  Security Decisions
  Sensitive Information Disclosure
  Privilege Management & Escalation
  Android Permission Manager
  APK Permission Analysis
  Demonstration
  Security Countermeasure
  Android Security Forensics
  Data Storage Demonstration (Accessing User Data)
  Broken cryptography

Analyzing, Reversing and Decompiling (2 Hours)
  Unpacking APKs
  Decoding XML/Resource Files
  De-Compiling Android Executable Files
  Lab: Reverse Engineering target applications
  Protecting app against reverse engineering

Root Access in Android
  Introduction
  Demonstration

Course Outline: Day Two (6 Hours)

History and Introduction
  iOS User Base
  AppStore and its Policy
  iOS Version and Vulnerability History
  OWASP Top 10 Mobile Threats
  Common Application Threats
  OS Built-in Security
  Application Permission Model

Jailbreaking
  What is Jailbreaking
  Cydia
  Tethered v/s Untethered Jailbreak
  Security Threats of Jailbreaking

Static Analysis (1.5 Hours)
  IPA file Architecture
  Decrypt the AppStore Application
  Dump and Investigate Class Headers
  Data Transmission Protocol Implemented
  Inspecting PLIST file
  Data Storage Inspection
  What Platform Provided Security Features Are Used

Dynamic Analysis (2 Hours)
  Bypassing Jailbreak Detection
  Data Stored in keychain and SQLite Database
  Memory Analysis
  Capturing Packet Data
  Traffic Interception
  Writing Binary Patching Tweaks

Malwares
  Does iOS Malware Exist?
  iOS Malware History

Exam


Lucideus Headquarters New Delhi
  C-17, Safdarjung Development Area, Hauz Khas, New Delhi - 110016

Lucideus Labs IIT Bombay
  4th Floor, SINE KReSIT Building IIT Bombay, Powai Mumbai - 400076

Lucideus Regional Office Ahmedabad
  205, 2nd Floor Shree Balaji Heights, C.G. Road Ahmedabad - 380001

Lucideus Regional Office Kolkata
  390 A, Jodhpur Park, Kolkata - 700068

www.lucideus.com
info@lucideustech.com
+91 11 26569899

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Lucideus. No part of this document may be reproduced in any form or by any means without the prior written authorization of Lucideus. While every precaution has been taken in the preparation of this document, Lucideus assumes no responsibility for errors or omissions.