OFFENSIVE MOBILE REVERSING AND EXPLOITATION

Private Trainings

Training Details

  • Training Length – 4 Days
  • Venue – Virtual / On-Site 

 

What Will Students Learn

  • Get an understanding of the latest ARM64 instruction set 
  • Understand the Browser Security mitigations on Mobile Devices
  • Understand some common vulnerabilities in Mobile Browsers and learn how to exploit them
  • Learn the internals of iOS and Android Kernel along with several Kernel security mitigations
  • Understand some of the latest bugs and mitigations (PAC, CoreTrust, PPL, etc.)
  • Get an intro to some common bug categories (UaF, Heap overflow, etc.)
  • Understand how jailbreaks and exploits are written 
  • Reverse engineer iOS and Android binaries (Apps and system binaries)
  • Do basic fuzz testing of iOS and Android apps
  • Learn how to audit iOS and Android apps for security vulnerabilities
  • Understand and bypass anti-debugging and obfuscation techniques
  • Get a quick walkthrough on using IDA Pro, Hopper, Frida, etc.

Course Description

After running sold-out trainings at multiple conferences over the last few years, we are back with an updated version of our course which now covers ARM64, mobile browser security, and detailed Mobile apps and operating system security. The class starts with a basic introduction to the ARM instruction set and calling conventions followed by some reverse engineering exercises. We then learn how to craft simple exploits for the ARM64 environment.

Next, we move to mobile browser security, covering some of the browser mitigations and then writing some simple exploits for the mobile browser. We then cover iOS and Android internals in further detail and discuss some of the exploitation techniques using real-world vulnerabilities (e.g., voucher_swap, checkm8, etc.), followed by a walkthrough of how jailbreaks are written. We also discuss some of the common vulnerability types (heap overflows, use-after-free, uninitialized stack variables, race conditions).

The training then moves on to application security based on exploiting the Damn Vulnerable iOS app, Android-InsecureBankv2, and InsecurePass application written by the authors of this course in addition to a broad range of other real-world applications. We also cover a variety of mitigations deployed in real-world apps and discuss how to bypass them.

Slides, videos and detailed documentation on the labs will be provided to the students for practice after the class. Corellium access will be provided to students for the duration of the training course.


Who Should Take This Course

  • This course is for penetration testers, mobile developers, or anyone who is keen to learn mobile application security and wants to get started in OS exploitation.

CONTACT US

Please share with us the project requirements and the goals you want to achieve, and one of our sales representatives will contact you within one business day.

Our Location

51 Pleasant St # 843, Malden, MA, Middlesex, US, 02148

General and Business inquiries

contact@8ksec.io

Trainings

trainings@8ksec.io

Press

press@8ksec.io

Phone

+1(347)-4772-006
