MAHH – Live Edition Course Syllabus
Presented By: Dominic Chell

The course follows chapters 1-9 of the Mobile Application Hacker’s Handbook, with a strong focus on practical attacks. Over the 2-day training course delivered by the lead author of the book, delegates will learn the tricks and techniques to hack mobile applications on the iOS and Android platforms.

After a short introduction in to the subject, we delve in to the following core modules:

  •  Introduction to Mobile Application Security Assessment (Chapter 1)
  •  Analyzing iOS applications (Chapter 2)
  •  How to attack iOS applications (Chapters 3-4)
  •  Securing iOS applications (Chapter 5)
  •  Understanding Android applications (Chapter 6)
  •  Exploiting Android applications (Chapter 7-8)
  •  Securing Android applications (Chapter 9)

Attendees will gain theoretical and practical experience of:

  •  The security protections on iOS and Android devices
  •  How iOS and Android devices are jailbroken or rooted
  •  How to quickly and efficiently pinpoint and exploit vulnerabilities in iOS and Android apps
  •  How to decompile, reverse and patch iOS and Android apps
  •  How to hack webviews, client-side databases and the keychain
  •  Instrument application runtimes using Frida, Cydia Substrate and Cycript
  •  Exploitation of IPC mechanisms including content providers, URL handlers, application extensions, broadcasts, activities and intents
  •  Practical exploitation of poorly implemented cryptography
  •  Bypass security controls such as root or jailbreak detection
  •  Real-world 2015 techniques used to defeat real apps on iOS8 and Lollipop!
  •  Knowledge of defensive and remedial advice

The course will take place straight after 44CON Cyber Security on Wednesday 29 and Thursday 30 April. It will be held at etc.venues The Hatton in central London.

A ticket for the training does not give you access to the conference.

Conference and training tickets are non-refundable as per our Terms of Service.