Mobile Hacking Crash Course
In this session – the first in a series of three on mobile hacking – we begin with some fundamentals of mobile apps and discuss testing methodology.
What you’ll learn
- Why learning to hack mobile apps is worthwhile
- Types of applications
- Pure native
- Hybrid
- Web wrappers
- Popular hybrid app framework quirks
- Languages to learn
- How to select a target
- Basics of setting up proxy for mobile
- Testing methodology starting point
- Standard web bugs
- Credential storage bugs
- Insecure connections
- Embedded secrets
- Session token oddities
- Debug/dev interfaces
- Insecure data storage
- Insufficient crypto
- Confidential data in app switcher
Video
Next video