BEGIN:VCALENDAR VERSION:2.0 PRODID:-//HasGeek//NONSGML Funnel//EN DESCRIPTION:Workshop covering the basics of Android Application Pen-testin g and Exploitation X-WR-CALDESC:Workshop covering the basics of Android Application Pen-testi ng and Exploitation NAME:Introduction to Android Application Exploitation X-WR-CALNAME:Introduction to Android Application Exploitation REFRESH-INTERVAL;VALUE=DURATION:PT12H SUMMARY:Introduction to Android Application Exploitation TIMEZONE-ID:Asia/Kolkata X-PUBLISHED-TTL:PT12H X-WR-TIMEZONE:Asia/Kolkata BEGIN:VEVENT SUMMARY:The OWASP Mobile Top Ten DTSTART:20150808T043000Z DTEND:20150808T053000Z DTSTAMP:20260421T205143Z UID:session/6AiZa4rwg3EWMJMcs8wps2@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150803T071814Z DESCRIPTION:The top 10 covers the following:\n\nM1: Weak Server Side Contr ols\nM2: Insecure Data Storage\nM3: Insufficient Transport Layer Protectio n\nM4: Unintended Data Leakage\nM5: Poor Authorization and Authentication\ nM6: Broken Cryptography\nM7: Client Side Injection\nM8: Security Decision s Via Untrusted Inputs\nM9: Improper Session Handling\nM10: Lack of Binary Protections\n\n### Speaker bio\n\nApoorva Giri\n\nApoorva works as a Secu rity Analyst with iViZ Security (a Cigital company). She is the co-founder of InfoSec Girls\, a community that aims to encourage more women to enter the domain of Information Security. She has presented a workshop on “Cy ber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi\, Ker ala. She’s an active member of Null/OWASP Bangalore Chapter. She has bee n listed on the Barracuda Hall of Fame for finding vulnerabilities on thei r application. She is currently working on Mobile Application security.\n\ nHer contact information is below:\n\nEmail id: apoorvagiri19@gmail.com | Twitter: @cedricfanapoo | Website: https://infosecgirls.in\n\nShruthi Kama th\n\nShruthi works as a Security Analyst at Infosys Limited. She is the c o-founder of InfoSec Girls. She is a certified Ethical Hacker from EC Coun cil. She’s an active member of Null/OWASP Bangalore Chapter. She is pass ionate about learning new things. Her interest in InfoSec lies in web appl ication security. She has spoken at security conference like c0c0n and nul l meets. She has been a part of Jailbreak NULLCON 2014. She presented a ta lk on “Cybercrimes in India and its Mitigation” at the National Confer ence for Women Police held at Trivandrum\n\nEmail id: shruthikamath30@gmai l.com | Twitter: @shruthikamath30 | Website: https://infosecgirls.in\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ the-owasp-mobile-top-ten-6AiZa4rwg3EWMJMcs8wps2 BEGIN:VALARM ACTION:display DESCRIPTION:The OWASP Mobile Top Ten in 2nd Floor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Architecture of Android Applications DTSTART:20150808T053000Z DTEND:20150808T061500Z DTSTAMP:20260421T205143Z UID:session/Tged5cqzgZDa7429ULMQ9k@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150803T071934Z DESCRIPTION:This section will cover the architecture of android and it's w orking process.\n\n### Speaker bio\n\nApoorva works as a Security Analyst with iViZ Security (a Cigital company). She is the co-founder of InfoSec G irls\, a community that aims to encourage more women to enter the domain o f Information Security. She has presented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi\, Kerala. She’s an active member of Null/OWASP Bangalore Chapter. She has been listed on t he Barracuda Hall of Fame for finding vulnerabilities on their application . She is currently working on Mobile Application security.\n\nHer contact information is below:\n\nTwitter: @cedricfanapoo | Website: https://infose cgirls.in\n\nShruthi Kamath\n\nShruthi works as a Security Analyst at Info sys Limited. She is the co-founder of InfoSec Girls. She is a certified Et hical Hacker from EC Council. She’s an active member of Null/OWASP Banga lore Chapter. She is passionate about learning new things. Her interest in InfoSec lies in web application security. She has spoken at security conf erence like c0c0n and null meets. She has been a part of Jailbreak NULLCON 2014. She presented a talk on “Cybercrimes in India and its Mitigation ” at the National Conference for Women Police held at Trivandrum\n\nTwit ter: @shruthikamath30 | Website: https://infosecgirls.in\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ architecture-of-android-applications-Tged5cqzgZDa7429ULMQ9k BEGIN:VALARM ACTION:display DESCRIPTION:Architecture of Android Applications in 2nd Floor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Introducing the arsenal for pen-testing Android Apps. DTSTART:20150808T061500Z DTEND:20150808T070500Z DTSTAMP:20260421T205143Z UID:session/YQEKtQegvhvj4iYFonRqpf@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150803T071946Z DESCRIPTION:A few tools like Apktool\, dex2jar\, JD-GUI\, and Burp Suite p roxy will be introduced and each one of their roles in Android App Pentest ing is explained.\n\n### Speaker bio\n\nApoorva Giri\nApoorva works as a S ecurity Analyst with iViZ Security (a Cigital company). She is the co-foun der of InfoSec Girls\, a community that aims to encourage more women to en ter the domain of Information Security. She has presented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi\ , Kerala. She’s an active member of Null/OWASP Bangalore Chapter. She ha s been listed on the Barracuda Hall of Fame for finding vulnerabilities on their application. She is currently working on Mobile Application securit y.\nHer contact information is below: \nEmail id: Apoorvagiri19@gmail.com | Twitter: @cedricfanapoo | Website: https://infosecgirls.in\n\nShruthi Ka math\nShruthi works as a Security Analyst at Infosys Limited. She is the c o-founder of InfoSec Girls. She is a certified Ethical Hacker from EC Coun cil. She’s an active member of Null/OWASP Bangalore Chapter. She is pass ionate about learning new things. Her interest in InfoSec lies in web appl ication security. She has spoken at security conference like c0c0n and nul l meets. She has been a part of Jailbreak NULLCON 2014. She presented a ta lk on “Cybercrimes in India and its Mitigation” at the National Confer ence for Women Police held at Trivandrum\nEmail id: shruthikamath30@gmail. com | Twitter: @shruthikamath30 | Website: https://infosecgirls.in\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ introducing-the-arsenal-for-pen-testing-android-apps-YQEKtQegvhvj4iYFonRqp f BEGIN:VALARM ACTION:display DESCRIPTION:Introducing the arsenal for pen-testing Android Apps. in 2nd F loor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Installation of the sample apk and setting up the proxy. DTSTART:20150808T070500Z DTEND:20150808T073000Z DTSTAMP:20260421T205143Z UID:session/ZsxxCesy917BncS6aoJPo@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150803T071958Z DESCRIPTION:The participants will be provided with sample apks. Each apk h as a specific vulnerabilities. These vulnerabilities will be discovered in the later part of the workshop. The participants will also be guided on h ow to set up a proxy so that they can intercept the traffic between the ap plication and the server.\n\n### Speaker bio\n\nApoorva Giri\nApoorva work s as a Security Analyst with iViZ Security (a Cigital company). She is the co-founder of InfoSec Girls\, a community that aims to encourage more wom en to enter the domain of Information Security. She has presented a worksh op on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi\, Kerala. She’s an active member of Null/OWASP Bangalore Chapter. She has been listed on the Barracuda Hall of Fame for finding vulnerabilit ies on their application. She is currently working on Mobile Application s ecurity.\nHer contact information is below: \n\n\nShruthi Kamath\nShruthi works as a Security Analyst at Infosys Limited. She is the co-founder of I nfoSec Girls. She is a certified Ethical Hacker from EC Council. She’s a n active member of Null/OWASP Bangalore Chapter. She is passionate about l earning new things. Her interest in InfoSec lies in web application securi ty. She has spoken at security conference like c0c0n and null meets. She h as been a part of Jailbreak NULLCON 2014. She presented a talk on “Cyber crimes in India and its Mitigation” at the National Conference for Women Police held at Trivandrum\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ installation-of-the-sample-apk-and-setting-up-the-proxy-ZsxxCesy917BncS6ao JPo BEGIN:VALARM ACTION:display DESCRIPTION:Installation of the sample apk and setting up the proxy. in 2n d Floor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Lunch Break DTSTART:20150808T073000Z DTEND:20150808T083000Z DTSTAMP:20260421T205143Z UID:session/CfPekHXtGU3ZvUCav7bDbj@hasgeek.com SEQUENCE:0 CREATED:20150803T072019Z DESCRIPTION:\n LAST-MODIFIED:20150803T072031Z LOCATION:HasGeek House\, Bangalore ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Lunch Break in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Dynamic Analysis DTSTART:20150808T083000Z DTEND:20150808T090000Z DTSTAMP:20260421T205143Z UID:session/JU2sqxQyZoU9a5BVLzuRVM@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150803T072116Z DESCRIPTION:Using the proxy set up in the previous session\, we will perfo rm dynamic testing on the applications and try to find out vulnerabilities that are similar to the vulnerabilities found during the pentesting of a traditional web app pentesting.\n\n### Speaker bio\n\nApoorva Giri\nApoorv a works as a Security Analyst with iViZ Security (a Cigital company). She is the co-founder of InfoSec Girls\, a community that aims to encourage mo re women to enter the domain of Information Security. She has presented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 20 14 at Kochi\, Kerala. She’s an active member of Null/OWASP Bangalore Cha pter. She has been listed on the Barracuda Hall of Fame for finding vulner abilities on their application. She is currently working on Mobile Applica tion security.\nHer contact information is below: \n\n\nShruthi Kamath\nSh ruthi works as a Security Analyst at Infosys Limited. She is the co-founde r of InfoSec Girls. She is a certified Ethical Hacker from EC Council. She ’s an active member of Null/OWASP Bangalore Chapter. She is passionate a bout learning new things. Her interest in InfoSec lies in web application security. She has spoken at security conference like c0c0n and null meets. She has been a part of Jailbreak NULLCON 2014. She presented a talk on “Cybercrimes in India and its Mitigation” at the National Conference f or Women Police held at Trivandrum\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ dynamic-analysis-JU2sqxQyZoU9a5BVLzuRVM BEGIN:VALARM ACTION:display DESCRIPTION:Dynamic Analysis in 2nd Floor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Static Analysis DTSTART:20150808T090000Z DTEND:20150808T093000Z DTSTAMP:20260421T205143Z UID:session/E5Eha2rVEoDN4cgAaqik4j@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150803T072129Z DESCRIPTION:This part of the session will cover the static analysis of the sample android application. At the end of this session\, the participant will be able to identify security issues like insecure local storage in da tabases and improper coding techniques.\n\n### Speaker bio\n\nApoorva Giri \nApoorva works as a Security Analyst with iViZ Security (a Cigital compan y). She is the co-founder of InfoSec Girls\, a community that aims to enco urage more women to enter the domain of Information Security. She has pres ented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi\, Kerala. She’s an active member of Null/OWASP Banga lore Chapter. She has been listed on the Barracuda Hall of Fame for findin g vulnerabilities on their application. She is currently working on Mobile Application security.\nHer contact information is below: \n\n\nShruthi Ka math\nShruthi works as a Security Analyst at Infosys Limited. She is the c o-founder of InfoSec Girls. She is a certified Ethical Hacker from EC Coun cil. She’s an active member of Null/OWASP Bangalore Chapter. She is pass ionate about learning new things. Her interest in InfoSec lies in web appl ication security. She has spoken at security conference like c0c0n and nul l meets. She has been a part of Jailbreak NULLCON 2014. She presented a ta lk on “Cybercrimes in India and its Mitigation” at the National Confer ence for Women Police held at Trivandrum\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ static-analysis-E5Eha2rVEoDN4cgAaqik4j BEGIN:VALARM ACTION:display DESCRIPTION:Static Analysis in 2nd Floor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Feedback session DTSTART:20150808T093000Z DTEND:20150808T095500Z DTSTAMP:20260421T205143Z UID:session/CELCbkQhHp3uTyg9DeSVcS@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20150807T112456Z DESCRIPTION:Feedback session.\n\n### Speaker bio\n\nApoorva Giri\nApoorva works as a Security Analyst with iViZ Security (a Cigital company). She is the co-founder of InfoSec Girls\, a community that aims to encourage more women to enter the domain of Information Security. She has presented a wo rkshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi\, Kerala. She’s an active member of Null/OWASP Bangalore Chapt er. She has been listed on the Barracuda Hall of Fame for finding vulnerab ilities on their application. She is currently working on Mobile Applicati on security.\nHer contact information is below: \nTwitter: @cedricfanapoo | Website: https://infosecgirls.in\n\nShruthi Kamath\nShruthi works as a S ecurity Analyst at Infosys Limited. She is the co-founder of InfoSec Girls . She is a certified Ethical Hacker from EC Council. She’s an active mem ber of Null/OWASP Bangalore Chapter. She is passionate about learning new things. Her interest in InfoSec lies in web application security. She has spoken at security conference like c0c0n and null meets. She has been a pa rt of Jailbreak NULLCON 2014. She presented a talk on “Cybercrimes in In dia and its Mitigation” at the National Conference for Women Police held at Trivandrum\n Twitter: @shruthikamath30 | Website: https://infosecgirls .in\n LAST-MODIFIED:20230810T072606Z LOCATION:2nd Floor - HasGeek House\nBangalore\nIN ORGANIZER;CN=droidconIN:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/droidconin/android-exploitation-workshop/schedule/ feedback-session-CELCbkQhHp3uTyg9DeSVcS BEGIN:VALARM ACTION:display DESCRIPTION:Feedback session in 2nd Floor in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT END:VCALENDAR