Null offensive hacking hands-on training.
Proposed sessions for this event:
- Advanced Android App Exploitation by Sachinraj Shetty
- Advanced Android App Exploitation by Ajin
Note: The session details including schedule are available below.
Advanced Android App Exploitation is a lab based session for exploiting Android applications. The session will focus mainly on analyzing decompiled APK code - going through the coding flaws that could potentially cause security issues. The session will also cover dynamic testing of the APK for various exploits. The participants will get a chance to break Dexguard String encryption, exploit Heartbleed in Android apps, bypass SOP in Webviews, inject RAT in to Android, and many more interesting stuffs.
1. Exploiting Activities, Intents, Receivers, Services & Content Providers
2. Security issues with File handling and SQLite DB
3. Attack on Webviews
4. SSL and Cryptography issues with Android
5. Breaking Dexguard String Encryption
6. Mobile Security Automation Framework
1. Familiarity with decompiling APK, and intercepting HTTPS traffic from Android device/emulator using Proxy tool.
2. Understanding of basic Java for code reviewing Android Application.
3. Basic knowledge of OWASP Mobile top 10.
What to Bring?
1. Laptop with admin access, and with external USB allowed.
2. Atleast 20+ GB free hard disk space
3. Min 4 GB RAM
4. Virtual Box installed (https://www.virtualbox.org/wiki/Downloads)
5. Genymotion installed (http://genymotion.com) with Google Nexus S - 4.1.1 image
|Name||Speaker||Start Time||End Time|
|Advanced Android App Exploitation||Sachinraj Shetty||09:30 AM||01:30 PM|
|Advanced Android App Exploitation||Ajin||01:30 PM||06:00 PM|
Cafeteria, InMobi 8th Floor, Block Delta, Embassy Tech Square, Kadubeesanhalli, Outer Ring Road, Bangalore-560037 (KA)Google Map
Time & Date
Start: July 11, 2015 at 9:30 AM IST
End: July 11, 2015 at 6:00 PM IST