Practical Mobile Application Exploitation (Live Training)

Live On-Site / Live Virtual

BECOME A CERTIFIED MOBILE SECURITY ENGINEER

Learn the essential skills and techniques necessary to conduct comprehensive security audits of both iOS and Android applications. Learn how to secure against an array of potential threats and vulnerabilities that target your application.

Cmse_logo

What You Will Learn

This comprehensive course provides you with in-depth knowledge and practical tools for mastering Android and iOS app security. Whether you’re a beginner or a seasoned security enthusiast, our fast-paced curriculum, featuring intensive hands-on labs, will empower you to effectively exploit and secure mobile apps.

We are bringing an updated version of the course with the latest tools & techniques. The training is based on exploiting vulnerable apps written by the authors, as well as exploiting a wide range of real-world application vulnerabilities. The students will get an in-depth knowledge about the different kinds of vulnerabilities in Mobile applications. The students will also learn how to reverse engineer iOS and Android Apps and system binaries. After the workshop, the students will be able to successfully pentest and secure applications running on iOS and Android platforms.This course prepares you for the Certificate Mobile Security Engineer (CMSE) certification exam, a hands-on assessment specifically designed to test your ability to exploit real-world vulnerabilities commonly found in mobile applications.

By attending this course , you will get 

  • An attempt to CMSE (Certificate Mobile Security Engineer) certification exam
  • Certificate of completion for the Training program
  • Source code for vulnerable applications
  • Source code for Exploit PoCs’ that can be used for Bug Bounties
  • All Frida Scripts used during the course
  • Students will be provided with access to Corellium for iOS and Android hands-on for the duration of the course (Live On-site & Virtual Training only)
  • Students will be provided access to cloud instances for the duration of the course (Live On-site & Virtual Training only)
  • Slack access for the class and after for regular mobile security discussions (Live On-site & Virtual Training only)
 

Key Objectives

  • Learn how to set up your own Lab environment for testing
  • Learn how to Reverse engineer iOS and Android binaries (Apps and system binaries)
  • Get an understanding of the ARM64 Instruction Set
    Get PoC applications to perform 1 click exploits on Mobile apps
  • Learn how to debug iOS and Android apps
  • Get an intro to common bug various bug categories on Android and iOS systems
  • Learn to audit iOS and Android apps for security vulnerabilities
  • Understand and bypass anti-debugging and obfuscation techniques
  • Learn manual and automated ways of bypassing exploit mitigations
  • Learn to identify vulnerabilities in native as well as Cross-platform apps
  • Learn to exploit different iPC mechanisms in iOS and Android apps
  • Get a detailed walkthrough on using IDA Pro, Hopper, Ghidra, etc
  • Secure Mobile apps by implementing custom solutions
  • Become a Certified Mobile Security Engineer (CMSE)

Duration

2 Days

Ways to Learn

Who Should Attend?

This course is for penetration testers, mobile developers or anyone keen to learn mobile application security.

laptop Requirements

  • Laptop with: 8+ GB RAM and 40 GB hard disk space
  • Students will be provided with access to Linux cloud instances (Live On-site & Virtual Training only)
  • Students will be provided with access to Corellium for Android and iOS hands-on and as such do not need to carry physical devices (Live On-site & Virtual Training only)
  • Administrative access on the system is required

Detailed Course Setup instructions and Slack access will be sent a few weeks prior to the class

Need To Justify To Your Manager?

Need a Template to Justify the Training Request to your Manager? Download the Template below

Syllabus

  • Key Concepts and Terminologies
  • Introduction to Hopper/Ghidra
  • Introduction to the ARM64 instruction set
  • Introduction to Objective-C and Swift
  • Reversing Objective-C and Swift Binaries
  • Disassembling methods
  • Modifying assembly instructions
  • Deciphering Mangled Swift Symbols
  • Identifying Native Code 
  • Understanding the Program flow
  • Identifying Cross-Platform mobile frameworks
  • iOS security model
  • App Signing, Sandboxing, and Provisioning
  • iOS App Groups
  • Primer to iOS 17-18 security
  • Xcode Primer 
  • Address Sanitizer
  • Exploring the iOS filesystem
  • What’s in a Code Signature?
  • Entitlements explained
  • How Sandboxing works on iOS
  • Setting up lldb for Debugging
  • lldb basic and advanced usage
  • Setting up the testing environment
  • Jailbreaking your device
  • What’s in a Rootless Jailbreak?
  • Jailbreak Bootstraps
  • Sideloading apps
  • Binary protection measures
  • Decrypting IPA files
  • Self-signing iOS binaries
  • Bundle vs Data Container
  • Finding Secrets in Code
  • Dumping class information
  • Insecure local data storage
  • Inspecting Keychain items
  • Identifying URL schemes and Universal Links
  • Dynamic Analysis of iOS applications
  • Method Swizzling
  • Debugging apps using lldb
  • Modifying ARM registers
  • Basic App Instrumentation techniques using Frida
  • Advance App Instrumentation techniques using Frida
  • Frida on Non-Jailbroken devices
  • Frida on Swift and native code
  • Reversing Third Party frameworks
  • Testing React Native and Flutter Apps
  • Automating App Inspection 
  • Tracing Crypto operations
  • Side channel data leakage
  • Sensitive information disclosure
  • Bypassing Jailbreak Detection 
  • Bypassing SSL Pinning
  • Bypassing Certificate transparency checks
  • Exploiting iOS WebViews
  • Exploiting URL schemes and Universal LInks
  • Client-side injection
  • Bypassing jailbreak, piracy checks
  • Inspecting Network traffic
  • Traffic interception over HTTP, HTTPs
  • Manipulating network traffic
  • Identifying iOS malware
  • AppAttest and Device Check frameworks
  • Device Fingerprinting
  • Detecting GPS Spoofing
  • Implementing Secure Webviews
  • Code Obfuscation techniques
  • Protecting the Transport Layer
  • Detecting Malicious Libraries
  • Implementing Anti-Debug Checks
  • Detecting Suspicious Device Reset
  • Detecting Patched Applications
  • Detecting Proxied Applications
  • Jailbreak Detection Techniques
  • Why Android
  • Android Security Architecture
  • Extracting APK files from Google Play
  • Understanding Android application structure
  • Signing Android applications
  • ADB – Non-Root
  • Rooting Android devices
  • ADB – Rooted
  • Understanding the Android file system
  • Sandboxing on Android
  • Attack Surfaces for Android applications
  • Understanding Android Components
  • Introducing Android Emulator
  • Introducing Android AVD
  • Setting up Android Pentest Environment
  • Process of Android Apps Engineering
  • Reverse Engineering for Android Apps
  • Smali Learning Labs
  • Examining Smali files
  • Smali vs Java
  • Dex Analysis and Obfuscation
  • Reversing Obfuscated Android Applications
  • Case Study of Popular Android Malwares
  • Patching Android Applications
  • Proxying Android Traffic
  • Introduction to Certificate Transparency
  • Exploiting Local Storage
  • Exploiting Weak Cryptography
  • Exploiting Side Channel Data Leakage
  • Multiple Manual and Automated Root Detection and Bypass Techniques
  • Exploiting Weak Authorization mechanism
  • Identifying and Exploiting Android Components
  • Analyzing Proguard, DexGuard, and other Obfuscation Techniques
  • Exploiting Android NDK
  • Exploiting Android WebViews
  • Exploiting DeepLinks in Android
  • Multiple Manual and Automated SSL Pinning Bypass techniques
  • Exploiting Crypto using Frida
  • Basic App Exploitation techniques using Frida
  • Dumping Class Information using Frida
  • Dumping Method Information using Frida
  • Viewing and Changing Information using Frida
  • Calling Arbitrary functions using Frida
  • Exploiting native libraries using Frida
  • Tracing using Frida
  • Advance App Exploitation techniques using Frida
  • Frida on non-rooted Android
  • Detecting Patched Android Applications
  • App Integrity Protection
  • Detecting Malicious Libraries
  • Detecting Emulator/Rooted Devices
  • Secure Implementation of WebViews
  • Implementing Anti-Debug Checks
  • Detecting Suspicious Device Reset
  • Detecting Proxied Applications

Prerequisites

To successfully participate in this course, attendees should possess the following:

  • Working knowledge of cybersecurity and pentesting fundamentals
  • Basic working knowledge of iOS and Android platforms
  • Basic Linux skills and command-line proficiency
  • Understanding of fundamental programming concepts and looping structures in at least one higher-level language (Java, Kotlin, Objective-C, Swift, C, C++, or similar)
  • Basic ARM/AARCH64 binary assembly knowledge is recommended, but not required

CERTIFIED MOBILE SECURITY ENGINEER (CMSE)

This training qualifies you for the Certified Mobile Security Engineer (CMSE) Certification. This certification signifies your ability to decipher Vulnerability Reports and conduct comprehensive Vulnerability Research (VR) using specialized tools within these platforms.

Exam Duration : 48 hours

Cmse_logo

TRUSTED TRAINING PROVIDERS

Our trainers boast more than ten years of experience delivering diverse training sessions at conferences such as Blackhat, HITB, Power of Community, Zer0con, OWASP Appsec, and more.

Hear from our Students

Our Students are our greatest voice, just read what they have to say!

Take Your Skills To The Next Level

OUR MODES OF TRAINING

ON DEMAND

USD $899 onwards

Ideal for Individuals
 
  • Flexibility of self-paced learning
  • Instant access to course materials upon purchase
  • Extensive labs and self-assessments
  • Repeatability of Course Content
  • Certification exam 

LIVE VIRTUAL

GET IN TOUCH FOR PRICING

Perfect for Teams in Multiple Location
 
  • Real-time interaction with our expert trainers over Zoom
  • Customizable content tailored to your team’s needs
  • Continued support after the training
  • Certification exam

LIVE ON-SITE

GET IN TOUCH FOR PRICING

Perfect for Teams in One Location
 
  • Real-time interaction with our expert trainers at an onsite location
  • Customizable content tailored to your team’s needs
  • Continued support after the training
  • Certification exam

FAQ

Our Live Virtual and On-Site sessions replicate the interactive classroom experience, fostering real-time collaboration and engagement among participants.

 
 

While prior experience is helpful, the course is designed to accommodate various skill levels. It provides a structured learning path, starting from foundational concepts and progressing to advanced techniques.

The preparation time for the Certification varies based on your individual learning pace and level of engagement post-training. On average, participants spend a few days to several weeks preparing, which includes both theoretical learning and hands-on lab practice. It is recommended to spend at least 2-3 weeks practicing before attempting the Certification Exam after the training.

No, the training that you purchase from 8kSec, including the course materials is exclusively for your individual use. You may not reproduce, distribute or display (post/upload) lecture notes, or recordings, or course materials in any other way — whether or not a fee is charged – without the express written consent of 8kSec.

For On-Site/Virtual Courses during private trainings/conferences, we provide a customized certificate after the completion of the course. Please note that the Certificate of Course Completion is different from the one obtained after clearning the Certification exam.

We provide Certification exams exclusively to registered training participants. The cost of the Certification exam is bundled into the pricing of every training package purchased.

 
 
 

For Virtual/Live Trainings, we will provide you access to our Lab environment and an instruction guide during the training.

Once you submit your report, one of the members of our review board will review the report and provide with the results in 3 business days.

The fee to retake the certification exam is USD $119. To schedule your re-examination, simply email info@8ksec.io and our logistics team will be in touch.

You can find our Training Schedule at https://8ksec.io/public-training/. To schedule a Live Virtual or Live On-site private training for a group of 5+ attendees, email trainings@8ksec.io and our logistics team will get in touch with you to organize one.

The information on this page is subject to change without notice.

CONTACT US

Please share with us the project requirements and the goals you want to achieve,  and one of our sales representatives will contact you within one business day.

Our Location

51 Pleasant St # 843, Malden, MA, Middlesex, US, 02148

General and Business inquiries

contact@8ksec.io

Trainings

trainings@8ksec.io

Press

press@8ksec.io

Phone

+1(347)-4772-006

SEND ENQUIRY