Introduction to Android Application Exploitation
Workshop covering the basics of Android Application Pen-testing and Exploitation
Aug 2015
3 Mon
4 Tue
5 Wed
6 Thu
7 Fri
8 Sat 10:00 AM – 03:25 PM IST
9 Sun
SK
Shruthi Kamath
@shruthikamath
The OWASP Mobile Top Ten
Submitted Aug 2, 2015
Technical level:
Beginner
This section covers the top 10 vulnerabilities of mobile
Outline
The top 10 covers the following:
M1: Weak Server Side Controls
M2: Insecure Data Storage
M3: Insufficient Transport Layer Protection
M4: Unintended Data Leakage
M5: Poor Authorization and Authentication
M6: Broken Cryptography
M7: Client Side Injection
M8: Security Decisions Via Untrusted Inputs
M9: Improper Session Handling
M10: Lack of Binary Protections
Requirements
Hardware:
Laptop with admin privileges.
Minimum 10 GB of free space.
Minimum 4 GB RAM.
Any of the following Operating Systems:
a. OS X
b. Win 7 and above
c. Ubuntu
Software:
1.Must have VM Player or VirtualBox installed on their machines.
2.The vulnerable APKs will be shared at the venue.
Speaker bio
Apoorva Giri
Apoorva works as a Security Analyst with iViZ Security (a Cigital company). She is the co-founder of InfoSec Girls, a community that aims to encourage more women to enter the domain of Information Security. She has presented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014 at Kochi, Kerala. She’s an active member of Null/OWASP Bangalore Chapter. She has been listed on the Barracuda Hall of Fame for finding vulnerabilities on their application. She is currently working on Mobile Application security.
Her contact information is below:
Email id: apoorvagiri19@gmail.com | Twitter: @cedricfanapoo | Website: https://infosecgirls.in
Shruthi Kamath
Shruthi works as a Security Analyst at Infosys Limited. She is the co-founder of InfoSec Girls. She is a certified Ethical Hacker from EC Council. She’s an active member of Null/OWASP Bangalore Chapter. She is passionate about learning new things. Her interest in InfoSec lies in web application security. She has spoken at security conference like c0c0n and null meets. She has been a part of Jailbreak NULLCON 2014. She presented a talk on “Cybercrimes in India and its Mitigation” at the National Conference for Women Police held at Trivandrum
Email id: shruthikamath30@gmail.com | Twitter: @shruthikamath30 | Website: https://infosecgirls.in
Comments
Hosted by
droidconIN is an annual conference on Android, part of the worldwide series of events.
more
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}