This course will give you insight and practical window into the methods used when attacking mobile platforms. This course is ideal for penetration testers who are new to the mobile area and need to understand how to analyze and audit applications on various mobile platforms using a variety of tools and platforms. Our mobile course uses a mixture of lectures, hands-on-labs, demonstrations, and group exercises.
Course outline
Mobile Eco Systems
This journeyman course presents you with a hands on introduction into testing mobile applications. The course aims to be as platform agnostic as possible and will provide you with the skills to get started with mobile application security testing. The methodology taught during this course allows students to apply their skills across a wide range of platforms, and provides the knowledge needed to apply security best practices to mobile application development.
Building your own penetration testing platform
Having access to the right tools and platforms is key when testing mobile applications. Here we help students create the ultimate mobile testing platform and delve into hardware and emulators usage, common tools that work and intercepting the stream between mobile device and the Internet.
Mobile Application Analysis
Your lab is ready and you want to test the latest mobile phone application for vulnerabilities, but what next? This module starts with how you’d perform information gathering, looking at storage on the device, iOS/Android security and how you can test for weaknesses.
Testing Fundamentals
Being methodical when testing any application is key. We discuss authentication, authorisation, session management and storage and how they could all yield potential vulnerabilities.
Training Portal
We’ve developed a training portal for students to interact with the trainers, keep updated on content and also download all files, slides and tools delivered during the course. This portal is made available to all students, even when the course has finished. In addition, we’ve moved our training infrastructure into our own cloud, which means students get their own individual environments to test against, making use of VPN’s and numerous targets. This gives a fully immersive experience of attacking real-world architecture and networks.
Location & Time
Will be discussed
Our courses are delivered publicly by our training partner Gitex africa. For further information on the next public course. If you wish to have In-house training, please get in touch with our sales team to discuss further.
