Overview

LEARN HOW TO PEN TEST THE BIGGEST ATTACK SURFACE IN YOUR ENTIRE ORGANIZATION

This course is designed to give you the skills you need to understand the security strengths and weaknesses in Apple iOS, Android, and wearable devices including Apple Watch and Android Wear. With these skills, you will evaluate the security weaknesses of built-in and third party applications. You'll learn how to bypass platform encryption, and how to manipulate Android apps to circumvent obfuscation techniques. You'll leverage automated and manual mobile application analysis tools to identify deficiencies in mobile app network traffic, file system storage, and inter-app communication channels. You'll safely work with mobile malware samples to understand the data exposure and access threats affecting Android and iOS devices, and you'll exploit lost or stolen devices to harvest sensitive mobile application data.

Learning Outcomes

  • Use jailbreak tools for Apple iOS and Android systems
  • Conduct an analysis of iOS and Android file system data to plunder compromised devices and extract sensitive mobile device use information
  • Analyze Apple iOS and Android applications with reverse-engineering tools
  • Change the functionality of Android and iOS apps to defeat anti-jailbreaking or circumvent in-app purchase requirements
  • Conduct an automated security assessment of mobile applications
  • Use wireless network analysis tools to identify and exploit wireless networks used by mobile devices
  • Intercept and manipulate mobile device network activity
  • Leverage mobile-device-specific exploit frameworks to gain unauthorized access to target devices
  • Manipulate the behavior of mobile applications to bypass security restrictions

Who should Attend?

  • Penetration testers
  • Ethical hackers
  • Auditors who need to build deeper technical skills
  • Security personnel whose job involves assessing, deploying or securing mobile phones and tablets
  • Network and system administrators supporting mobile phones and tablets

Pre-requisites

  • Students should have familiarity with network penetration testing concepts, such as those taught in SEC504 or SEC560.
This course is endorsed under Critical Infocomm Technology Resource Programme Plus (CITREP+) Programme.
To find out more about CITREP+ Funding, please refer to Programme Support under CITREP+ page


Information is accurate as of 28 June 2018