[Owasp-leaders] AppSec USA 2014 - OWASP Project Summit Event Workshop

Jonathan Carter jonathan.carter at owasp.org
Tue Sep 9 21:59:29 UTC 2014

Hi everyone,

My project, OWASP Reverse Engineering and Code Modification Prevention,
will be leading the first-ever hands-on interactive workshop at OWASP
AppSec USA 2014. This will be a hands-on workshop on reverse engineering
and code modification of mobile apps on iPhones.  I'll be providing the
laptops as well as the jailbroken devices to participants.

The summit is intended for mobile app developers and security experts to
gain first-hand knowledge / experience of reverse engineering hacking
techniques and tools on iDevices. This workshop shows how hackers can
leverage widely available third party tools to completely disable and
compromise mobile app binaries to gain unauthorized access to source code,
then tamper with the app to enable unauthorized access, advanced malware
attacks, steal sensitive data or intellectual property, conduct fraud etc..

Attendees will:

+ Learn about the evolutions in the mobile threat landscape
+ Participate in a live demonstration of reverse-engineering and tampering
attacks (customized workstation included) via ‘hands-on’ exercises that
teach attendees how hackers use third party tools to compromise app
integrity  (e.g. Clutch, IDA, Hex-Rays, otool, classdump, Theos,
gds/nm/strings debuggers, etc.) using the workshop sample mobile banking
app or even their own app!
+ Explore findings from mobile banking red-team testing projects at several
top global banks

The inaugural workshop will uniquely enable attendees to immediately apply
their app protection learning’s in their own environments in order to
mitigate app binary risk and implement new approaches on mobile app

Limited Seating and Prequalification
Workshop seats are limited to 10 per day on Sept. 18 and Sept. 19th.  To
fully engage in the workshop, interested participants need to have advanced
app development and computer engineering skills.  Due to the severely
limited size, participants will receive confirmation upon completion of
pre-qualification questions from the project leads.

Please email me directly if you'd like to attend the workshop!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140909/48f392c2/attachment.html>

More information about the OWASP-Leaders mailing list