MOBILE APPLICATION REVERSE ENGINEERING: MASTERING ANDROID AND IOS INTERNALS (ARABIC)
SUMMARY
In today's digital era, mobile devices have become ubiquitous, making cybersecurity a top priority. The Mobile Application Reverse Engineering: Mastering Android and iOS Internals Course equips individuals with the knowledge and skills to obtain and investigate mobile applications. By understanding the inner workings of mobile apps, participants can recognize weaknesses, discover potential attack vectors, and implement effective security measures. This course is invaluable for professionals in security, ethical hacking, and mobile development, helping them safeguard personal and organizational data, fortify defenses, and stay ahead of cybercriminals in the rapidly evolving mobile landscape.
DETAILED DESCRIPTION
This comprehensive course is designed to equip participants with the essential skills and knowledge to analyze and manipulate Android and iOS applications. Over the span of three days, attendees will delve into the intricacies of mobile platform security, learn various techniques for reverse engineering, and explore practical use cases with tools like Frida and Objection.
up by discussing foundational concepts and additional tools. These tools, including objection, Hopper, and RMS, enhance the capabilities of pentesters in dynamic instrumentation. We explore how to overcome known challenges and leverage these tools effectively.
Throughout the Training, participants will engage in hands-on exercises and demonstrations to gain practical experience in identifying vulnerabilities, performing dynamic analysis, and utilising advanced instrumentation techniques. The focus will be on reinforcing theoretical knowledge with real-world scenarios and providing ample opportunities for interaction and learning.
BENEFITS
Throughout the Training, participants will engage in hands-on exercises and demonstrations to gain practical experience in identifying vulnerabilities, performing dynamic analysis, and utilising advanced instrumentation techniques. The focus will be on reinforcing theoretical knowledge with real-world scenarios and providing ample opportunities for interaction and learning.
TOPICS:
Day 1:
- Introduction to Android
- Interaction with Android
- APK Reversing
Day 2:
- Instrumentation with Frida
- Use Case 1 - Bypassing Root Detection
- Use Case 2 - Extracting Encryption Keys
- Use Case 3 - SSL Unpinning and Traffic Capturing
Day 3:
- Introduction
- Deep-dive into iOS Data Storage and File System Architecture
- LAB Environment
- iOS Static Analysis
- iOS Dynamic Assessment /Jailbreaking
- Advance Application instrumentation techniques for iOS
TARGET AUDIENCE
Penetration Testers, Mobile Application Developers and Security Researchers.
WHAT STUDENTS SHOULD BRING TO THE CLASS
- This training has no advanced prerequisites, it's designed to walk cyber security enthusiasts, pentesters and developers with different levels and skills.
- Laptop: Students should bring their own laptops to the course. It is preferable to have a laptop running a modern x64-bit operating system such as Windows, macOS, or Linux with specs capable of running VirtualBox/Android Emulator (8 GB disk space, 16GB recommended RAM / 8GB minimal).
- Optional: It is recommended to have access to rooted Android devices or jailbroken iPhones for hands-on practice on hardware devices. However, if physical devices are not available, all practical exercises can be performed on virtual devices.
WHAT STUDENTS WILL BE PROVIDED WITH ONSITE
The material will be provided as digital copies, besides tools, codes and applications needed for exercises.