OFFENSIVE MOBILE MALWARE ANALYSIS


Private Trainings

Training Details

  • Training Length – 2 or 3 Days
  • Venue – Virtual / On-Site 

What Will Students Learn

  • ARM Instruction set (includes updates from ARMv9)
  • iOS and Android Security Model
  • Setting up your own Malware Research Environment
  • Corellium for Malware Research
  • Understand some of the latest bugs and mitigations (PAC, Memory Tagging, CoreTrust, PPL, etc.)
  • Sandboxing Internals
  • Internals of the iOS and Android Kernels
  • Understand how jailbreaks and exploits are written
  • Reversing Objective-C, Swift, Java, Kotlin, and Smali code
  • Reversing Native Android and iOS Binaries
  • Frida for Runtime Analysis
  • Advanced Frida Techniques (Advanced Memory Inspection, Custom Tracing and Profiling, Inspecting Real-world applications using Frida)
  • Case Study of Public Malware (Pegasus, Cerberus, MasterFred, etc.)
  • Case Study of Custom Malware designed for the course
  • iOS and Android Forensics Techniques
  • Inspecting Crash Logs
  • Extraction and Analysis of Forensic Artifacts
  • Conclusion and Future Research

Course Description

The Offensive Mobile Malware Analysis course is designed to give a proper understanding of malware threats aimed at iOS and Android devices. With a focus on mobile OS internals, attack vectors, and security mechanisms, this course provides hands-on experience and practical insights. The course also covers the ARM64 instruction set and an introduction to the internals of the iOS and Android kernels, addressing the latest vulnerabilities and mitigations. The curriculum begins with an in-depth exploration of iOS and Android architectures, focusing on their security features and platform-specific APIs. Participants gain a comprehensive understanding of the challenges posed by modern mobile malware, including obfuscation, anti-detection techniques, and exploit delivery. The course explores sandboxing and the attack surface available from a sandboxed app, and later delves into the creation of jailbreaks and exploits. It also offers a comprehensive insight into reversing Objective-C, Swift, Java, Kotlin, and Smali code, as well as native Android and iOS binaries.

The curriculum also encompasses advanced Frida techniques, such as custom tracing, profiling, and advanced memory inspection, with practical application in real-world scenarios. Through case studies of prominent malware like Pegasus, Joker, MasterFred, Hermit, and Cerberus, and several custom malware samples designed for the course, the course sheds light on reverse engineering, advanced forensics techniques, and extracting and analyzing forensic artifacts. It concludes with insights into future research opportunities.

Who Should Take This Course

This course is designed for malware researchers, reverse engineers, penetration testers, mobile developers, or anyone passionate about learning more about the intricacies of mobile malware.
