Reverse, Bypass, Exploit: Mobile Hacking Workshop

Description

Agenda

• iOS and Android Mobile Platforms
• Local Storage (Data at Rest)
• Network Traffic (Data in Transit)
• App Misconsigurations
• Reverse Engineering Techniques
• Bypassing SSL Pinning
• Bypassing Security Protections
  • Biometrics
  • Root Detection
  • Jailbreak Detection
• Manipulating Runtime Behaviour with Frida

Software Dependencies

• VPN Client for your operating system: https://support.corellium.com/features/connect/vpn
• Frida: https://frida.re/docs/home/
• Objection: https://github.com/sensepost/objection
• Burp Suite Community Edition: https://portswigger.net/burp
• SQLite database browser: https://sqlitebrowser.org/
• Corellium Cafe for iOS: https://www.corellium.com/hubfs/Corellium_Cafe.ipa
• Corellium Cafe for Android: https://www.corellium.com/hubfs/Corellium_Cafe.apk

Key Learning Objectives

By the end of the workshop, you will have learned:

Test Environment Configuration: Choose from a range of hardware options & iOS firmware versions to configure your test environment, slashing administrative overhead and costs while maximizing your time on what matters—breaking stuff.

Data at Rest Exploitation: Pinpoint insecure storage issues, including hard-coded credentials, customer data, keychain misconfigurations. Learn how to leverage runtime tools to dynamically probe app data.

Data in Transit: Dig into network traffic with real-time analysis using a Burp Suite proxy and the Network Monitor tool.

Reverse Engineering & Runtime Control: Decompile apps using JADX to sidestep jailbreak detection, and exploit common attack vectors with exacting precision. Use dynamic instrumentation tools to manipulate runtime behavior.

Who Should Attend?

Designed for penetration testers, security researchers, red and blue team members, mobile developers, compliance professionals, and other power users interested in mobile app security.

Prerequisite Knowledge

Familiarity working out of the command line Basic knowledge of Java, Python and JavaScript

Hardware Requirements

Participants are encouraged to follow along with a laptop. Please ensure at least 8GB of RAM running a modern 64bit OS, with at least 20GB of free space after installing dependencies from the Tools Used section. Please be sure to bring your laptop’s charger.

Bio