Tales of Practical Android Penetration Testing (Mobile Pentest Toolkit) Alexander Subbotin OWASP Bucharest AppSec 2018
|
|
|
- Chastity Griffith
- 5 years ago
- Views:
Transcription
1 Tales of Practical Android Penetration Testing (Mobile Pentest Toolkit) Alexander Subbotin OWASP Bucharest AppSec 2018
2 About Me About Me IT Security Consultant ( Penetration Tester/Ethical Hacker with 5 years experience Working for enterprise (banking industry, telecommunication companies, wholesale, etc.) Trainer for Android and Web Pentesting Author and Maintainer of Awesome Pentest Cheatsheets project Bug Hunter Yahoo on HackerOne
3 Setup Pentest Environment Requirements: Kali like distribution for mobile penetration testing Updates for most used tools Extensibility
4 Setup Pentest Environment - Current status Distribution Notes Last Update MobiSec Last update 3 years ago 3 years ago Santoku Based on Ubuntu Vezir Project Based on Ubuntu ,5 years ago Apple For Window only Android Tamer Manually updated to last versions of platform-tools, Android SDK, Android Studio and much more
5 Setup Pentest Environment Do we really need to use separated environment/vm? 95 % of time we are using the same (few) tools adb Java Decompiler Tools for static analysis Tools for dynamic analysis Debugger Tools allowing runtime modification
6 That is how the idea for Mobile-Pentest-Toolkit (MPT) was born For each category of tools use just one tool apktool abe pidcat signapk
7 Can you remember all the command line parameters for the mentioned tools? Example: jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <name> <apk><alias> -storepass <pw> frida -R -f <package-name> -l file.js --no-pause You have to specify what to do and not how. MPT provides a simplest interface to your tooling related to android security testing.
8 Setup Pentest Environment - Tools MPT implements a simple package manager Currently supported git, http, and zip installation
9 Setup Pentest Environment - Device Install Pentest tools XposedFramework Drozer JustTrustMe (xposed plugin) Inspeckage (xposed plugin)
10 Setup Pentest Environment - Device Install Pentest tools
11 Setup Pentest Environment - Pentest Install the app Create configuration Allows to use MPT from everywhere
12 Setup Pentest Environment - Pentest Install the app Create configuration Allows to use MPT from everywhere
13 Starting your favorite tools jd-gui (source code review) Drozer (android app analysis) mobsf (static analysis) frida and more
14 OWASP testing methodology Insecure Data Storage adb logcat Is the output really readable?
15 OWASP testing methodology Insecure Data Storage Solution: use pidcat colored output for only on process
16 OWASP testing methodology Insecure Data Storage Backup Option Compare two states of application
17 OWASP testing methodology Insecure Data Storage Using --backup option create 2 backups for different states after login the /data/data/<app> folder states differ from each other
18 Other challenges Dynamic analysis Dynamic instrumentation and runtime hooking (Frida) Root Detection Bypass SSL Pinning Bypass
19 Other challenges Dynamic analysis - Inspeckage
20 Other challenges Dynamic instrumentation and runtime hooking (Frida) Download a proper Frida version and execute Frida on the device (--frida option)
21 Other challenges Dynamic instrumentation and runtime hooking (Frida) Use frida to hook cryptographic functions
22 Other challenges Dynamic instrumentation and runtime hooking (Frida) Use frida to hook cryptographic functions
23 Other challenges Root Detection Bypass Disable root detection at runtime using frida
24 Other challenges SSL Pinning Bypass
25 Other helpful tools Objection - is a runtime mobile exploration toolkit, powered by Frida working on not rooted and jailbroken devices. AppMon - automated framework for monitoring and tampering system API calls of native ios and android apps House - runtime mobile application analysis toolkit with a Web GUI, powered by Frida
26 MPT - Overview Setup Pentest Environment Tools Device Config Simple Interface to interact with pentest tools Allows to perform static, dynamic analysis Support to bypass SSL certificate pinning and root detection Supports zsh autocompletion
27 Further Ideas Automatically rebuild apk with backup and debug flags enabled (in progress) Automatically generate PoCs for sending broadcast messages and start activities and services (in progress) Integrate file explorer for files on the devices Generate Frida hooks for selected code (method) on the fly Implement anti-debugging bypass (in progress)
28 Thank you for your attention!
Abusing Android In-app Billing feature thanks to a misunderstood integration. Insomni hack 18 22/03/2018 Jérémy MATOS
Abusing Android In-app Billing feature thanks to a misunderstood integration Insomni hack 18 22/03/2018 Jérémy MATOS whois securingapps Developer background Worked last 12 years in Switzerland on security
Breaking and Securing Mobile Apps
Breaking and Securing Mobile Apps Aditya Gupta @adi1391 adi@attify.com +91-9538295259 Who Am I? The Mobile Security Guy Attify Security Architecture, Auditing, Trainings etc. Ex Rediff.com Security Lead
Mobile hacking. Marit Iren Rognli Tokle
Mobile hacking Marit Iren Rognli Tokle 14.11.2018 «Hacker boss Marit» Software Engineer at Sopra Steria Leading TG:Hack, Norways largest hacking competition Leading UiO-CTF with Laszlo Shared 1st place
OWASP German Chapter Stammtisch Initiative/Ruhrpott. Android App Pentest Workshop 101
OWASP German Chapter Stammtisch Initiative/Ruhrpott Android App Pentest Workshop 101 About What we will try to cover in the first session: Setup of a Mobile Application Pentest Environment Basics of Mobile
Playing with skype. 4knahs
Playing with skype 4knahs slacking @work Monkey taken from : http://www.websimians.com/ For educational purposes only! I do not support the use of any of the mentioned techniques for illegal activities..
TECHNICAL WHITE PAPER Penetration Test. Penetration Test. We help you build security into your software at every stage. 1 Page
Penetration Test We help you build security into your software at every stage 1 Page Table of Contents 1 Overview... 3 2 Penetration Test Services Overview... 4 2.1 Values of penetration testing... 4 2.2
Thursday, October 25, 12. How we tear into that little green man
How we tear into that little green man Who are you?! Mathew Rowley (@wuntee) Senior security consultant at Matasano Agenda Techniques MITM - SSL Static analysis -> Skype secret menu Modifying an app ->
Amsterdam April 12 th, 2018
Amsterdam April 12 th, 2018 Piergiovanni Cipolloni Security Advisor @Mediaservice.net S.r.l. (piergiovanni.cipolloni@mediaservice.net) ~ 20 years in Penetration Testing Security researcher Federico Dotta
Tale of a mobile application ruining the security of global solution because of a broken API design. SIGS Geneva 21/09/2016 Jérémy MATOS
Tale of a mobile application ruining the security of global solution because of a broken API design SIGS Geneva 21/09/2016 Jérémy MATOS whois securingapps Developer background Spent last 10 years working
From time to time Google changes the way it does things, and old tutorials may not apply to some new procedures.
From time to time Google changes the way it does things, and old tutorials may not apply to some new procedures. This is another tutorial which, in about 6 months, will probably be irrelevant. But until
SSL Configuration Oracle Banking Liquidity Management Release [April] [2017]
![SSL Configuration Oracle Banking Liquidity Management Release [April] [2017]](/thumbs/74/70574223.jpg "SSL Configuration Oracle Banking Liquidity Management Release [April] [2017]")
SSL Configuration Oracle Banking Liquidity Management Release 12.4.0.0.0 [April] [2017] Table of Contents 1. CONFIGURING SSL ON ORACLE WEBLOGIC... 1-1 1.1 INTRODUCTION... 1-1 1.2 SETTING UP SSL ON ORACLE
Android security enforcements
Android security enforcements Hello DroidCon! Javier Cuesta Gómez Android Engineer manager @Grab Android 2017 security 450 reports $1.1 payout The most difficult OWASP security risks: Unintended data leakage
How to secure your mobile application with RASP
How to secure your mobile application with RASP Webinar - 13 December 2016 Agenda 1. Mobile Application Security Risk categories Protection layers including RASP Dirk Denayer Enterprise & Application Security
When providing a native mobile app ruins the security of your existing web solution. CyberSec Conference /11/2015 Jérémy MATOS
When providing a native mobile app ruins the security of your existing web solution CyberSec Conference 2015 05/11/2015 Jérémy MATOS whois securingapps Developer background Spent last 10 years working
Android System Development Training 4-day session
Android System Development Training 4-day session Title Android System Development Training Overview Understanding the Android Internals Understanding the Android Build System Customizing Android for a
Ch 7: Mobile Device Management. CNIT 128: Hacking Mobile Devices. Updated
Ch 7: Mobile Device Management CNIT 128: Hacking Mobile Devices Updated 4-4-17 What is MDM? Frameworks that control, monitor, and manage mobile devices Deployed across enterprises or service providers
Hello! I AM ZARAH. I am an Android developer for Domain.com.au
TOOLS OF THE TRADE Hello! I AM ZARAH I am an Android developer for Domain.com.au THE KEY Know available tools THE KEY Know available tools There is no correct setup CODE FRAGMENTS FRAGMENT LIFECYCLE FragmentManager.enableDebugLogging(true);
The Attacker s POV Hacking Mobile Apps. in Your Enterprise to Reveal Real Vulns and Protect the Business. Tony Ramirez
The Attacker s POV Hacking Mobile Apps in Your Enterprise to Reveal Real Vulns and Protect the Business Tony Ramirez AGENDA & SPEAKERS Introduction Attacks on Mobile Live Demo Recommendations Q&A Tony
Advanced Ethical Hacking & Penetration Testing. Ethical Hacking
Summer Training Internship Program 2017 (STIP - 2017) is a practical oriented & industrial level training program for all students who have aspiration to work in the core technical industry domain. This
N different strategies to automate OWASP ZAP
OWASP BUCHAREST APPSEC CONFERENCE 13 OCTOBER 2017 The OWASP Foundation http://www.owasp.org N different strategies to automate OWASP ZAP The OWASP Zed Attack Proxy Marudhamaran Gunasekaran Zap Contributor
JUCE TUTORIALS. INTRO methodology how to create a GUI APP and how to create a Plugin.
JUCE TUTORIALS INTRO methodology how to create a GUI APP and how to create a Plugin. Install Juice and Xcode (or other IDE) Create a project: GUI Application Select platform Choose Path, Name, Folder Name
Bachelor Thesis Project. Evaluating Dynamic Analysis Methods for Android Applications
Bachelor Thesis Project Evaluating Dynamic Analysis Methods for Android Applications Author: Alexander Spottka Supervisor: Ola Flygt External Supervisor: Philip Åkesson Semester: VT 2017 Subject: Computer
By: Robert E. Sult. For the best results consult SULT. 6/29/2016 KODI for Fire Stick
By: Robert E. Sult For the best results consult SULT KODI for Fire Stick Connect your Fire stick to your TV with the power supply that came with your device. Select the correct channel Set up the WIFI
The Android security jungle: pitfalls, threats and survival tips. Scott
The Android security jungle: pitfalls, threats and survival tips Scott Alexander-Bown @scottyab The Jungle Ecosystem Google s protection Threats Risks Survival Network Data protection (encryption) App/device
Signing For Development/Debug
Signing Android Apps v1.0 By GoNorthWest 15 December 2011 If you are creating an Android application, Google requires that those applications are signed with a certificate. This signing process is significantly
Rationalizing Android Development. Philipp Kumar
Rationalizing Android Development Philipp Kumar Who am I? Philipp Kumar akquinet tech@spree GmbH Mobile Solutions Focus: Android and its Enterprise Integration Who are we? UI Design JBoss Consulting OSGi
MobileFindr: Function Similarity Identification for Reversing Mobile Binaries. Yibin Liao, Ruoyan Cai, Guodong Zhu, Yue Yin, Kang Li
MobileFindr: Function Similarity Identification for Reversing Mobile Binaries Yibin Liao, Ruoyan Cai, Guodong Zhu, Yue Yin, Kang Li Reverse Engineering The process of taking a software program s binary
Coordinated Disclosure of Vulnerabilities in AVG Antivirus Free Android
Coordinated Disclosure of Vulnerabilities in AVG Antivirus Free Android 5.9.4.1 1 Executive summary Researchers of MRG Effitas tested the AVG AntiVirus Free Android application. During use, we came across
Enabling the Mobile Professional
Enabling the Mobile Professional Shawn Misquitta Senior Director of Technology What s driving the need for mobile solutions? Wireless and data connections are becoming ubiquitous and users expect to be
Android InsecureBankv2 Usage Guide. InsecureBankv2
Android InsecureBankv2 Usage Guide Author Name Email ID GitHub Link Twitter Dinesh Shetty dinezh.shetty@gmail.com https://github.com/dineshshetty/android- InsecureBankv2 https://twitter.com/din3zh Usage
droidcon Greece Thessaloniki September 2015
droidcon Greece Thessaloniki 10-12 September 2015 Reverse Engineering in Android Countermeasures and Tools $ whoami > Dario Incalza (@h4oxer) > Application Security Engineering Analyst > Android Developer
Introspy Security Profiling for Blackbox ios and Android. Marc Blanchou Alban Diquet
Introspy Security Profiling for Blackbox ios and Android Marc Blanchou Alban Diquet Introduction What is it about? Tool release: Introspy Security profiler for ios and Android applications Useful to developers,
Being Mean To Your Code: Integrating Security Tools into Your DevOps Pipeline
Being Mean To Your Code: Integrating Security Tools into Your DevOps Pipeline Boston Code Camp 26 November 19, 2016 Robert Hurlbut RobertHurlbut.com @RobertHurlbut Boston Code Camp 26 - Thanks to our Sponsors!
Installation Guide for Windows
Installation Guide for Windows Cisco IoT Data Connect - Edge and Fog Fabric (EFF) 1.0.1 Revised: August 25, 2017 These release notes provide an overview to Cisco IoT DataConnect Edge and Fog Fabric version
Introduction to OWASP WebGoat and OWTF. by Pawel Rzepa
Introduction to OWASP WebGoat and OWTF by Pawel Rzepa About Me Security Engineer in SoftServe Poland Currently developing advanced fuzzing module in Spirent s Cyberflood OWASP member (OWASP Poland Chapter
Application. Security. on line training. Academy. by Appsec Labs
Application Security on line training Academy by Appsec Labs APPSEC LABS ACADEMY APPLICATION SECURITY & SECURE CODING ON LINE TRAINING PROGRAM AppSec Labs is an expert application security company serving
Mobile Programming Lecture 4. Debugging
Mobile Programming Lecture 4 Debugging Lecture 2 Review How do you make the android:inputtype attribute of an EditText both textcapwords and textmultiline? Why should you use a @string resource for TextViews
Produced by. Mobile Application Development. David Drohan Department of Computing & Mathematics Waterford Institute of Technology
Mobile Application Development Produced by David Drohan (ddrohan@wit.ie) Department of Computing & Mathematics Waterford Institute of Technology http://www.wit.ie Android Google Services" Part 1 Google+
Fejlessz biztonságos alkalmazást
Fejlessz biztonságos alkalmazást programozási minták fejlesztőknek Attila Polacsek Senior Android Developer Supercharge Csaba Kozák Android Tech Lead Supercharge Security techniques API protection API
EveryonePrint. Mobile Gateway 4.2. Installation Guide. EveryonePrint Mobile Gateway Installation Guide Page 1 of 30
EveryonePrint Mobile Gateway 4.2 Installation Guide EveryonePrint Mobile Gateway Installation Guide 2016.09.01 Page 1 of 30 1. Introduction... 3 1.1 Multiple networks (using Multicast Bonjour AirPrint)...
CS260 Intro to Java & Android 04.Android Intro
CS260 Intro to Java & Android 04.Android Intro Winter 2015 Winter 2015 CS260 - Intro to Java & Android 1 Android - Getting Started Android SDK contains: API Libraries Developer Tools Documentation Sample
SONOTON storage server
The SONOTON storage server offers different protocols which all use SSL secured communications. All protocols will work with the login details given to you by SONOTON. Overview: Protocols supported: HTTPS
The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand).
http://researchcommons.waikato.ac.nz/ Research Commons at the University of Waikato Copyright Statement: The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand). The thesis
Copyright
1 Angry Birds Sudoku Trivia Crack Candy Crash Saga 2 The NYT app Buzzfeed Flipboard Reddit 3 Finance apps Calendars Translators Grocery list makers 4 Music apps Travel Apps Food & Drink apps Dating apps
Certified Secure Web Application Engineer
Certified Secure Web Application Engineer ACCREDITATIONS EXAM INFORMATION The Certified Secure Web Application Engineer exam is taken online through Mile2 s Assessment and Certification System ( MACS ),
Android Sdk Install Documentation Eclipse. Ubuntu >>>CLICK HERE<<<
Android Sdk Install Documentation Eclipse Ubuntu 12.04 These are instructions to install the Android SDK onto Ubuntu. If you are only I'm skipping the Eclipse install, sorry if you wanted. Just trying
Index. D, E Damn Vulnerable ios application (DVIA), Data Execution Prevention (DEP), 3 Data storage security,
Index A Address Space Layout Randomization (ASLR), 3 Anti-debugging protections, 125 126 Application delegate protocol, 63 ApplicationDidFinishLaunching function, 113 App transport security, 6 Authentication,
Man in the Middle Attacks and Secured Communications
FEBRUARY 2018 Abstract This document will discuss the interplay between Man in The Middle (MiTM/ MITM) attacks and the security technologies that are deployed to prevent them. The discussion will follow
Manual Android Virtual Device Failed To Load Error
Manual Android Virtual Device Failed To Load Error When I click on the Windows tab and then select Android Virtual Device Manager, I get the error "Android Virtual Device failed to load". I have attached
Android Eclipse You May Want To Manually Restart Adb From The Devices View
Android Eclipse You May Want To Manually Restart Adb From The Devices View Adb is not connected while running Android Application in eclipse. Getting something like this You may want to manually restart
Produced by. Mobile Application Development. David Drohan Department of Computing & Mathematics Waterford Institute of Technology
Mobile Application Development Produced by David Drohan (ddrohan@wit.ie) Department of Computing & Mathematics Waterford Institute of Technology http://www.wit.ie Android Google Services" Part 1 Google+
Mobile and Ubiquitous Computing: Android Programming (part 1)
Mobile and Ubiquitous Computing: Android Programming (part 1) Master studies, Winter 2015/2016 Dr Veljko Pejović Veljko.Pejovic@fri.uni-lj.si The World of Android The Android Platform A mobile operating
Hacking a Moving Target
Hacking a Moving Target Mobile ApplicaLon PenetraLon Chris Cuevas Senior Security Consultant ccuevas@secureideas.net Office - 904-639- 6709 2012 Secure Ideas LLC hdp://www.secureideas.net Chris Cuevas
Android. Lesson 1. Introduction. Android Developer Fundamentals. Android Developer Fundamentals. to Android 1
Android Lesson 1 1 1 1.0 to Android 2 Contents Android is an ecosystem Android platform architecture Android Versions Challenges of Android app development App fundamentals 3 Android Ecosystem 4 What is
Mobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing
Mobile Malfeasance Exploring Dangerous Mobile Code Jason Haddix, Director of Penetration Testing Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to
Oracle Real-Time Scheduler
Oracle Real-Time Scheduler Hybrid Mobile Application Installation and Deployment Guide Release 2.3.0.2.0 E91564-01 February 2018 Release 2.3.0.2.0 Copyright 2000, 2018 Oracle and/or its affiliates. All
Mobile Payment Application Security. Security steps to take while developing Mobile Application s. SISA Webinar.
Mobile Payment Application Security Security steps to take while developing Mobile Application s About SISA Payment Security Specialists PCI Certification Body (PCI Qualified Security Assessor) Payment
Chat with a hacker. Increase attack surface for Pentest. A talk by Egor Karbutov and Alexey Pertsev
Chat with a hacker Increase attack surface for Pentest A talk by Egor Karbutov and Alexey Pertsev $ Whoarewe Egor Karbutov & Alexey Pertsev Penetration testers @Digital Security Speakers Bug Hunters 2
BUILDING A TEST ENVIRONMENT FOR ANDROID ANTI-MALWARE TESTS Hendrik Pilz AV-TEST GmbH, Klewitzstr. 7, Magdeburg, Germany
BUILDING A TEST ENVIRONMENT FOR ANDROID ANTI-MALWARE TESTS Hendrik Pilz AV-TEST GmbH, Klewitzstr. 7, 39112 Magdeburg, Germany Email hpilz@av-test.de ABSTRACT The growth of the Smartphone market over the
CSWAE Certified Secure Web Application Engineer
CSWAE Certified Secure Web Application Engineer Overview Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized
THE POWER AND RISK OF MOBILE. White paper
THE POWER AND RISK OF MOBILE White paper TABLE OF CONTENTS Executive Summary - 3 Introduction - 4 The Power and Risk of Mobile - 4 Growing Dominance of Android - 5 Best Practices to Develop Secure Mobile
NSIGHT ECLIPSE EDITION
NSIGHT ECLIPSE EDITION DG-06450-001 _v5.0 October 2012 Getting Started Guide TABLE OF CONTENTS Chapter 1. Introduction...1 1.1 About...1 Chapter 2. Using... 2 2.1 Installing... 2 2.1.1 Installing CUDA
Lab Android Development Environment
Lab Android Development Environment Setting up the ADT, Creating, Running and Debugging Your First Application Objectives: Familiarize yourself with the Android Development Environment Important Note:
Coordinated Disclosure of Vulnerabilities in McAfee Security Android
Coordinated Disclosure of Vulnerabilities in McAfee Security Android 4.8.0.370 1 Executive summary Researchers of MRG Effitas tested the McAfee Security Android application. During use, we came across
Installing and configuring an Android device emulator. EntwicklerCamp 2012
Installing and configuring an Android device emulator EntwicklerCamp 2012 Page 1 of 29 Table of Contents Lab objectives...3 Time estimate...3 Prerequisites...3 Getting started...3 Setting up the device
Webi Auto Documentation
Webi Documentation Made Easy Overview Contents This document contains a detailed description of how to make use of the Report Engine SDK to help make the documentation process more efficient. OVERVIEW...2
Manage Mobile Security Incidents Like A Boss
Manage Mobile Security Incidents Like A Boss Ismail Guneydas Security Manager/Faculty Kimberly Clark/Texas A&M 10/02/2015 Legal Notice From My Lawyer The opinions expressed in this presentation represent
HACKING TIZEN THE OS OF EVERYTHING. AJIN
HACKING TIZEN THE OS OF EVERYTHING AJIN ABRAHAM @ajinabraham WHOMAI Application Security Engineer,Yodlee Blogs at opensecurity.in Spoken at NULLCON, ClubHack, OWASP AppSec, BlackHat, Ground Zero Summit.
Mobile and Wireless Systems Programming
to Android Android is a software stack for mobile devices that includes : an operating system middleware key applications Open source project based on Linux kernel 2.6 Open Handset Alliance (Google, HTC,
Managing Broadband Access Center
CHAPTER 9 This chapter describes the various subcomponents within Cisco Broadband Access Center (BAC) that you can use to manage the system. These include: BAC Process Watchdog, page 9-1 Administrator
CLX.MAP & Mobile Security
CLX.MAP & Mobile Security Agenda Digital Banking Mobile Banking Apps CLX.MAP Mobile Security App Hardening Is my App Secure? 2 Digital Banking PortalApp / Mobile Security CREALOGIX 3 Digital Banking Trends
Android Online Training
Android Online Training IQ training facility offers Android Online Training. Our Android trainers come with vast work experience and teaching skills. Our Android training online is regarded as the one
Digital it Signatures. Message Authentication Codes. Message Hash. Security. COMP755 Advanced OS 1
Digital Signatures Digital it Signatures Offer similar protections as handwritten signatures in the real world. 1. Difficult to forge. 2. Easily verifiable. 3. Not deniable. 4. Easy to implement. 5. Differs
Tutorial on Basic Android Setup
Tutorial on Basic Android Setup EE368/CS232 Digital Image Processing, Spring 2015 Linux Version Introduction In this tutorial, we will learn how to set up the Android software development environment and
Lab 6: Google Maps Android API v2 Android Studio 10/14/2016
Lab 6: Google Maps Android API v2 Android Studio 10/14/2016 One of the defining features of mobile phones is their portability. It's not surprising that some of the most enticing APIs are those that enable
Welcome to the OWASP TOP 10
Welcome to the OWASP TOP 10 Secure Development for Java Developers Dominik Schadow 03/20/2012 BASEL BERN LAUSANNE ZÜRICH DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. HAMBURG MÜNCHEN STUTTGART WIEN 1 AGENDA
A novel runtime technique for identifying malicious applications
HUNTING ANDROID MALWARE A novel runtime technique for identifying malicious applications WHOAMI @brompwnie THANK YOU SensePost Heroku OUTLINE The... Problem Question Idea PoC Results Conclusion THE PROBLEM
PVRTrace. Quick Start Guide for Unrooted Android Devices
Public Imagination Technologies PVRTrace Quick Start Guide for Unrooted Android Devices Public. This publication contains proprietary information which is subject to change without notice and is supplied
ATC Android Application Development
ATC Android Application Development 1. Android Framework and Android Studio b. Android Platform Architecture i. Linux Kernel ii. Hardware Abstraction Layer(HAL) iii. Android runtime iv. Native C/C++ Libraries
Link-OS SDK for Xamarin README
Link-OS SDK for Xamarin README This readme is specific to the LinkOS Xamarin SDK. This SDK is a Xamarin PCL in the plugin format. Also included in the files is a sample app showing use of specific APIs.
Obtaining a Google Maps API Key. v1.0. By GoNorthWest. 15 December 2011
Obtaining a Google Maps API Key v1.0 By GoNorthWest 15 December 2011 If you are creating an Android application that uses maps in it (which is a very cool feature to have!), you re going to need a Google
AWS Lambda. 1.1 What is AWS Lambda?
Objectives Key objectives of this chapter Lambda Functions Use cases The programming model Lambda blueprints AWS Lambda 1.1 What is AWS Lambda? AWS Lambda lets you run your code written in a number of
In The Middle of Printers The (In)Security of Pull Prin8ng Solu8ons. Jakub Kałużny. SecuRing
In The Middle of Printers The (In)Security of Pull Prin8ng Solu8ons Jakub Kałużny SecuRing #whoami IT Security Consultant at SecuRing Consul8ng all phases of SDLC Previously worked for ESA and online money
Small footprint inspection techniques for Android
Small footprint inspection techniques for Android Damien Cauquil, Pierre Jaury 29C3 December 29, 2012 Damien Cauquil, Pierre Jaury Small footprint inspection techniques for Android 1 / 33 Introduction
CS371m - Mobile Computing. Persistence - Web Based Storage CHECK OUT g/sync-adapters/index.
CS371m - Mobile Computing Persistence - Web Based Storage CHECK OUT https://developer.android.com/trainin g/sync-adapters/index.html The Cloud. 2 Backend No clear definition of backend front end - user
Installation Manual Oracle FLEXCUBE Corporate Lending [April] [2016] Part No. E
![Installation Manual Oracle FLEXCUBE Corporate Lending [April] [2016] Part No. E](/thumbs/96/128749137.jpg "Installation Manual Oracle FLEXCUBE Corporate Lending [April] [2016] Part No. E")
Installation Manual Oracle FLEXCUBE Corporate Lending 12.1.0.0.0 [April] [2016] Part No. E74823-01 OFCL Installation Guide Table of Contents 1. ORACLE FLEXCUBE LENDING DEPLOYMENT ON 11G RELEASE 2 APPLICATION
Oracle Enterprise Pack
Oracle Enterprise Pack Installing Oracle Enterprise Pack 12c (12.2.1.6) E83407-02 June 2017 Documentation that describes how to install the Oracle Enterprise Pack for Eclipse. Oracle Enterprise Pack Installing
Android Application Programming Tutorial
Android Application Programming Tutorial Karl Cronburg, Lianne Lairmore, Kyle Peters, Raina Masand, & Tom Kim December 3, 2012 1 Development Environment: Development of Android applications is possible
The MDX Toolkit version is a release available on Citrix.com and XenMobile MDX Service for enterprise wrapping.
MDX Toolkit Nov 20, 2017 Important T he MDX Toolkit 10.7.10 is the final release that supports the wrapping of XenMobile Apps. Users access XenMobile Apps versions 10.7.5 and later from the public app
Authentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
Installing Design Room ONE
Installing Design Room ONE Design Room ONE consists of two components: 1. The Design Room ONE web server This is a Node JS server which uses a Mongo database. 2. The Design Room ONE Integration plugin
Foreword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1
Brief Contents Foreword by Katie Moussouris.... xv Acknowledgments... xvii Introduction...xix Chapter 1: The Basics of Networking... 1 Chapter 2: Capturing Application Traffic... 11 Chapter 3: Network
Customized Enterprise Installation of IBM Rational ClearCase Using the IBM Rational ClearCase Remote Client plug-in and the Eclipse SDK
Customized Enterprise Installation of IBM Rational ClearCase Using the IBM Rational ClearCase Remote Client plug-in and the Eclipse SDK Fred Bickford IV Senior Advisory Software Engineer IBM Rational Customer
keyon / PKCS#11 to MS-CAPI Bridge User Guide V2.4
/ PKCS#11 to MS-CAPI Bridge V2.4 April 2017 Table of Contents Copyright 2017 by AG All rights reserved. No part of the contents of this manual may be reproduced or transmitted in any form or by any means
Version 7.6 PREEMPTIVE SOLUTIONS DASHO. User Guide
Version 7.6 PREEMPTIVE SOLUTIONS DASHO User Guide 1998-2015 by PreEmptive Solutions, LLC All rights reserved. Manual Version 7.6 www.preemptive.com TRADEMARKS DashO, Overload-Induction, the PreEmptive
Lecture 1 - Introduction to Android
Lecture 1 - Introduction to Android This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/
Qualcomm Snapdragon Profiler
Qualcomm Technologies, Inc. Qualcomm Snapdragon Profiler User Guide September 21, 2018 Qualcomm Snapdragon is a product of Qualcomm Technologies, Inc. Other Qualcomm products referenced herein are products
Steps to Set Up the Environment of Xamarin in Visual
Before a couple of years ago many people were on the thinking line that Native Languages like Objective-C, Swift and Java is the only choice to develop native Mobile Applications. Well gone are those days
Mainframe and Mobile: Perfect Together 16036
Mainframe and Mobile: Perfect Together 16036 Monday, March 2, 2015: 3:15PM-4:15PM Ron Piracci, Jason Fournier Verizon Insert Custom Session QR if Desired. Why is the Mainframe & Mobile Perfect together?
Android Sdk Tutorial Toolkit Version
Android Sdk Tutorial Toolkit Version 20.0 0 You can download the official bits from developer.android.com/sdk/index.html. For Android Studio preview channels and download links, see the Android. toolkit.