[OWASP-Philadelphia] Next Meetup: Runtime Analysis on Mobile Applications February 16th

Aaron Weaver aaron.weaver2 at gmail.com
Mon Feb 6 21:28:04 UTC 2017

Hi all,

Our next meeting is scheduled for February 16th, Thursday at 5:45 on mobile
analysis. Hope to see you there. If you are interested in hosting or
speaking at an upcoming event let me know.

*Register here*: https://www.meetup.com/OWASP-Philadelphia/events/237496942/

Runtime Analysis on Mobile Applications

Generally, reviewing a mobile application for security vulnerabilities
includes areas such as local storage, cryptographic usage, mobile traffic
analysis, black box static analysis, etc. The methods and tools which are
typically used to conduct these reviews are outdated, difficult to properly
configure and/or use, and in many instances provide an incomplete picture.
The easiest way sometimes would be to review the application while it is
running, as it would provide a better understanding of the application’s
behavior. However, debugging tools such as “gdb”, “jdb/jdwp”, and “adb”
require significant manual time to analyze the application. And if we have
to change the application’s normal behavior for bypassing any security
controls, we have to decompile the application, edit the code, and rebuild
the application.

In this presentation, we will understand more effective methods of
conducting runtime analysis on both iOS and Android applications, utilizing
tools which monitor runtime behavior. We will also cover how
hooking/runtime tools like “cycript” and “MobileSubstrate” work, and
briefly discuss how these can be used to bypass controls such as built-in
application safeguards, jailbreak detection, and certificate pinning. In
addition, we will also discuss venues of attack vectors which may open up
while testing the application at runtime. We will aim to deduce that, by
including runtime analysis as part of our penetration testing methodology,
we will save time while performing it more effectively.

Aaron Weaver
Philadelphia OWASP Chapter Lead
OWASP AppSec Pipeline Lead