About the course
Mobile applications are complex software systems operating in potentially hostile environments, making their security analysis a critical skill for developers, security testers, and researchers. Beyond static code analysis, understanding how to reverse engineer compiled applications and perform dynamic analysis at runtime is essential for identifying hidden vulnerabilities, understanding application behaviour, and verifying security controls. This 4-day intensive hands-on training course provides participants with the fundamental knowledge and practical techniques required to conduct technical security analysis of mobile applications on both the Android and iOS platforms. The course focuses on understanding the underlying security architecture of each operating system and applying specific tools and methodologies for reverse engineering, static analysis, and dynamic testing.
The course is structured into distinct sections for Android and iOS, acknowledging the platform-specific nature of mobile security analysis. For Android, participants will begin by understanding the core security architecture, including software isolation, anti-exploitation mechanisms, and the structure of Android applications (APK file structure, Manifest, components like Activities, Services, Content Providers, and Receivers), along with interprocess communication and application signing. They will then learn techniques for Reverse Engineering Android Apps using industry-standard tools like JD-GUI and JADX to decompile and analyse bytecode. The Android section concludes with Dynamic Analysis, covering how to set up a mobile security lab, intercept network traffic, understand and bypass SSL pinning, bypass root detection, analyse sensitive data leakage via logs, exploit broadcasts, analyse local data storage, and find/exploit deeplinks.
For iOS, the course introduces the basics of iOS security, covering the platform overview, security architecture (code integrity, secure boot, pointers authentication code), signed system volume, and code signing. Participants will learn about setting up an iOS penetration testing lab, required testing tools, and the process of jailbreaking for enhanced access (while also discussing testing on non-jailbroken devices). Static Analysis techniques for iOS applications will be covered, including finding hardcoded sensitive information in app binaries. The iOS section then moves to Dynamic Testing, with an introduction to the powerful Frida framework. Participants will learn basics of jailbreaking, managing apps on iOS devices, bypassing jailbreak detection, intercepting network traffic (including bypassing certificate pinning), automation using tools like Objection, introduction to data storage and file system enumeration, finding credentials in Plist files and Keychain data storage, and an introduction to reverse engineering iOS apps with tools like Radare2. Through extensive hands-on labs and tool usage, attendees will gain practical experience in applying these techniques to real-world mobile applications.
Instructor-led online options are available - as part of a wider customised training programme, or as a standalone workshop.
-
- Understand the fundamental security architecture and mechanisms of both the Android and iOS operating systems.
- Explain the structure and components of Android and iOS applications and the role of application signing.
- Set up a mobile security analysis lab environment for both Android and iOS.
- Perform Reverse Engineering and Static Analysis on Android applications using tools like JD-GUI and JADX.
- Perform Reverse Engineering and Static Analysis on iOS applications using relevant tools and techniques (e.g., analysing app binaries, Plist files).
- Conduct Dynamic Analysis of Android applications, including intercepting network traffic, bypassing SSL pinning and root detection, and analysing runtime behaviour.
- Conduct Dynamic Analysis of iOS applications, including setting up a testing environment, bypassing jailbreak detection and certificate pinning, and using tools like Frida and Objection.
- Identify common mobile app vulnerabilities through reverse engineering, static analysis, and dynamic testing techniques on both platforms.
- Understand and analyse mobile data storage mechanisms (local storage, Keychain) and identify potential data leakage risks.
- Utilise specific tools and frameworks for mobile app security analysis on both Android (e.g., JD-GUI, JADX, Frida) and iOS (e.g., Frida, Objection, Radare2).
-
This 3-day intensive hands-on training course is designed for IT professionals who need to perform technical security analysis and testing of mobile applications on Android and iOS. It is ideal for:
Mobile Application Security Testers and Penetration Testers specialising in mobile.
Mobile Application Developers (for Android and iOS) who want to understand how their applications can be analysed and attacked, and how to identify vulnerabilities.
Security Analysts and Researchers interested in mobile application security.
Anyone involved in the security review or assessment of mobile applications.
-
Prior programming experience is recommended, although the course focuses on analysis rather than development.
Familiarity with mobile application concepts (how apps are installed and run).
Basic understanding of command-line interfaces.
Experience with either Android or iOS development is helpful but not strictly required.
Note: Participants will ideally have their own test devices (jailbroken/rooted and non-jailbroken/non-rooted) for hands-on labs, and will need the permissions to install specific software as per setup instructions provided before the course. We can provide access to a virtual environment if this is not possible, which may require remote desktop capabilities. Please get in touch for more details.
-
This Mobile app security analysis course is available for private / custom delivery for your team. Online instructor-led training will be delivered via MS Teams (or your own preferred platform).
Get in touch to find out how we can deliver tailored training which focuses on your project requirements and learning goals.
-
Understanding Android Apps and Security Architecture
Understanding Android Architecture
Android System Security
Android Security Architecture
Android Security: Software Isolation
Android Security: Anti-Exploitation
Android APK File Structure
Understanding Android Manifest
Android App Components: Activity
Android App Components: Fragment
Android App Components: Content Providers
Android App Components: Service
Android Interprocess Communication
Android App Components: Receivers
Application Signing
Reverse Engineering Android Apps
Getting Started with Reverse Engineering: Concepts and goals.
Reverse Engineering with JD-GUI (Java Decompiler GUI).
Reverse Engineering with JADX (DEX to Java Decompiler).
Analysing decompiled code and resources.
Dynamic Analysis of Android Apps
Setting up Android security lab (Tools, environment).
Dynamic Analysis of Android apps: Concepts and techniques.
Intercepting Network Traffic (e.g., using Burp Suite, mitmproxy).
Understanding SSL Pinning.
Deciphering SSL Pinning Implementation in Android apps.
Bypassing SSL Pinning with Frida.
Bypassing Root Detection.
Sensitive Data Leakage via Logs.
Exploiting Broadcasts.
Local Data Storage Analysis (Shared Preferences, Databases, Files).
Finding & Exploiting Deeplinks.
Basics of iOS Security and Architecture
Setting Up iOS Penetration Testing Lab (Tools, environment).
iOS Platform Overview.
Understanding iOS Security Architecture.
Code Integrity in iOS.
Understanding iOS concepts: Fast Permission Restrictions, Pointers Authentication Code, Secure Boot Process.
Basics iOS Security Architecture (Revisited).
Revisiting Signed System Volume and Code Signing.
Required Tools for Testing.
Jailbreaking Device and Shell Access (Understanding the process and implications).
Pentesting on Non-Jailbroken Devices (Limitations and possibilities).
Mobile Provisioning: Creating Sample App Using Xcode (for testing purposes).
Managing Apps on iOS Device.
Static Analysis of iOS Applications
Static Analysis of iOS applications: Concepts and techniques.
Finding Hard Coded sensitive info in app binary (e.g., strings, API keys).
Analysing Plist Files for configuration and potential secrets.
Introduction to Frida and Dynamic Testing on iOS
Introduction to Frida and Dynamic Testing: Concepts and capabilities.
Basics of Jailbreaking (Revisited for context).
Bypassing Jailbreak detection in iOS.
Intercepting Network Traffic in iOS apps.
Bypassing Certificate pinning.
Automation Using Objection (Frida-based tool).
Introduction to Data Storage and File System Enumeration.
Finding Credentials in Plist Files (Revisited dynamically).
Keychain Data Storage (Accessing and analysing Keychain data).
Reverse Engineering iOS apps with Radare2 (Introduction to binary analysis).
-
Android Security Documentation (Android Developer): Google's official security guidance and architecture details for Android.
iOS Security Documentation (Apple Developer): Apple's official security guidance and architecture details for iOS.
OWASP Mobile Security Testing Guide (MSTG): A comprehensive manual for mobile app security testing and reverse engineering.
Frida: A dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Objection: A runtime mobile exploration toolkit, powered by Frida.
JADX: DEX to Java decompiler.
JD-GUI: A standalone graphical utility that displays Java source codes of .class files.
Radare2: A framework for reverse engineering and analysing binaries.
Burp Suite: A widely used web vulnerability scanner and interception proxy, useful for mobile traffic analysis.
mitmproxy: An open-source interactive SSL/TLS-capable intercepting proxy.
Trusted by
