Mobile Application Penetration Test Training 4

1
ABOUT US

• SECURIUM FOX offers cyber security consultancy
  services with its expert and experienced team. We
  are providing consulting services to prevent
  cyber attacks, data leak and to ensure that our
  customers are ready and safe against cyber
  attacks, with more than 15 years of
  experience.In addition to pentests and
  consulting services, SECURIUM FOX prepares its
  customers and field enthusiasts for real life
  scenarios by providing trainings in the lab
  environment which was prepared by themselves,
  with its young, dynamic and constantly following
  team.Everytime that hackers are in our lives,
  there are always risks that we can face with a
  cyber attack. Over the years cyber security has
  become a critical precaution for all
  organizations and companies after the effects and
  number of attacks. SECURIUM FOX tests the weak
  points of customers for possible attacks and
  provides consulting services to eliminate these
  weak points.SECURIUM FOX team also offers
  support for the development of our country in
  this field by supporting free events being
  organized as a volunteer by the Octosec team.

2

• MOBILE APPLICATION SECURITY AND PENETRATION TEST
  TRAINING

3

• Mobile App Ethical Hacking Training and Mobile
  Penetration Testing Training
• Mobile applications are a major point of
  vulnerability in organizations today. Tonex
  Mobile App Penetration Testing and Ethical
  Hacking Training Course covers all aspects of
  Mobile Mobile App Penetration Testing Training
  and Mobile App Ethical Hacking.
• Attendees will learn the art of exploiting and
  penetrating Mobile applications so security and
  performance flaws can be found in your mobile
  apps before the real hackers do. Through
  detailed, hands-on exercises and training from a
  experienced mobile ethical hacker professional,
  students will be taught the six-step process for
  Mobile application penetration testing and
  explore various other Mobile app vulnerabilities
  in depth.
• You will learn the hacking and mitigation tools
  and methods for the mobile apps used by the
  attacker, so that you can be a powerful defender
  yourself.

4
Mobile Application Penetration Testing Benefits

• Upon Completion of this Course, you will
  accomplish following-
• Understanding the basics of Mobile Operating
  Systems and its security environments
• Understanding the Mobile Infrastructure and
  components involved in the architecture
• Setting up Mobile Environments
• Understanding the concepts of Reverse Engineering
• Auditing Application Development
• Identifying threats to Mobile Security
• Learning the procedure to perform a Penetration
  Testing
• Assessing the Security of Mobile Applications
• Understanding SQLite
• Reporting the results of the Penetration Tes

5
Introduction and Executive Summary

• Mobile App Ethical Hacking and Penetration
  Testing Principles
• Mobile Application Security Assessments for
  applications
• Pentesting Mobile Applications
• Mobile Device Threats, Policies, and Security
  Models
• Mobile Device Architecture Security and
  Management
• Mobile Code and Application Analysis
• Ethical Hacking Mobile Networks
• Ethical Hacking Mobile Phones, Tablets, and
  Applications
• Secure Mobile Phone Capture the Flag
• Exploiting and penetrating mobile applications
• Overview of vulnerabilities
• Security and performance flaw
• Mobile Ethical Hacking

6
Overview of Mobile platforms

• Control functions
• Networks GSM, CDMA, UMTS, LTE, WiFi, Bluetooth,
  NFC
• Hardware Baseband layer attacks
• Memory corruption defects in firmware
• OS Defects in kernel code
• Applications
• Codes
• Apps with vulnerabilities and malicious

7
Mobile Application Basics

• Browser Based Application
• HTML5CSSJavaScript
• iOS Application Basics
• iOS System Architecture
• Objective C Cocoa Touch API
• Android Application Basics
• Android System Architecture
• Application program
• Application Frame
• Program Library
• Android Runtime Library
• Linux Core

8
Major Mobile Threats

• Equipment and password protection
• Sensitive files encryption
• Boot Rom exploits
• Password brute force
• Mobile App Risks
• Mobile Device Risks at multiple layers
• Mobile App Ecosystems
• Mobile App Top 10 Risks
• Veracode Top 10
• OWASP Mobile Top 10

9
Application Penetration Testing

• Reconnaissance
• Mapping
• Discovery
• Exploitation
• Reporting
• Ethical attack
• Applications security controls
• Reverse engineering
• Proprietary tools
• Input Validation

• Buffer Overflow
• Cross Site Scripting
• URL Manipulation
• SQL Injection
• Hidden Variable Manipulation
• Cookie Modification
• Authentication Bypass
• Code Execution
• Injections
• Broken authentication and session management

• Cross-site scripting
• Insecure direct object references
• Security misconfiguration
• Sensitive data exposure
• Missing function level access control
• Cross-site request forgery
• Using components with known vulnerabilities
• Unvalidated redirects and forwards

10
You can always contact with SECURIUM FOX. You can
contact us through our email addresses or by
using the contact form on the side.

• INFO
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,
• Gurunanak Nagar,Patamata,Vijyawada,
• Andhra Pradesh -520010
• 9652038194
• 08666678997
• info_at_securiumfoxtechnologies.com

11

• info_at_securiumfoxtechnologies.com
• Andhra Pradesh Office
• 91 8666678997,91 91652038194
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,Gurunanak Nagar,Patamata,Vijaya
  wada,
• info_at_securiumfoxtechnologies.com
• UK Office
• 44 2030263164
• Velevate, Kemp House, 152 - 160,City Road,EC1V
  2NX
• London
• info_at_securiumfoxtechnologies.com
• Tamil Nadu Office
• 91 9566884661
• Kailash Nagar, Nagar, Tiruchirappalli, Tamil Nadu
  620019
• info_at_securiumfoxtechnologies.com

• Noida Office
• 91 (120) 4291672, 91 9319918771
• A-25, Block A,
• Second Floor,Sector - 3,
• Noida, India
• info_at_securiumfoxtechnologies.com
• USA Office
• 1 (315)933-3016
• 33 West,17th Street,
• New York,
• NY-10011, USA
• info_at_securiumfoxtechnologies.com
• Dubai Office
• 971 545391952
• Al Ansari Exchange, Ansar Gallery - Karama
  Branch, Hamsah-A Building - 3 A St - Dubai -
  United Arab Emirates