SlideShare a Scribd company logo
Getting Started With
Hacking Android & iOS Apps
Tools, Techniques & Resources
Abhinav Mishra
Founder, ENCIPHERS
ENCIPHERS
InfoSec Consulting | Training
@enciphers_
@0ctac0der
www.enciphers.com
Mobile
Application
Penetration
Testing
What to do? What
Why to do?
How to do?
Where to go, if you are
stuck?
Why
How
Where
This is a 1 hour talk. I strongly believe that in focusing on technical
parts in one hour, is not the best approach.
Hence, this talk will majorly be about the methodology and discussing
resources.
Disclaimer
What to
test? What
to look for? The methodology should be based on
knowledge, not the tools
01
What?
The mobile application penetration testing is mainly divided in two parts:
● Static Analysis
○ As the name suggests, stuff that can be tested statically. Maybe even without installing the app.
● Dynamic Analysis
○ As the name suggests, stuff that can be tested when the app is running. Network calls, crypto,
storage etc.
What?
What are the ingredients of a mobile application?
● Do you know the structure of the application package?
○ IPA | APK ~ Zip
● Manifest | Plist
● Resources that the app would need
● Source code
● XML? Config? Res? Certs etc.
What?
What happens when you install and use a mobile app?
● Permission on device?
○ To access data, use hardware, access other apps etc.
● Provide personal/account data.
○ Username/Email/Password etc.
● Network calls?
○ TLS? MITM?
● On device Security? Data at rest.
○ Crypto? Storage details
● API Security?
○ IDOR?
○ Authorisation/Authentication?
What?
Anything else on the device which:
● Handles user and application data
● Handles network connection
● Uses device permissions
● Implements a security control
Ok, so we know what all things are there to be tested/analysed. But why do we need to test each of these
things?
● Static Analysis:
○ Sensitive information inside app package might lead to more attack surface.
○ Bad crypto implementation might be bypassed.
● Dynamic Analysis
○ User and application internal data should be safeguarded
○ Not implementing a security control is a security issue, bypassing it might not always be
○ Request and response is the place where all the action happens, this should be secure
○ APIs, are the biggest source of vulnerabilities in mobile applications
Why?
If you know what to test and why to test, then finding or knowing how to test that might be
the easiest part.
IMHO, majority of people focus only on this section…
● What tools to use?
● How to use the tools?
● Click to hack/secure applications
So, let’s talk about how to do each of these....
How?
What to test?
● Mobile Application Security Testing Checklist
How to test?
● Setting up lab?
○ Hardware Requirements:
■ Android:
● Android Studio/ADB
● Any virtual device, Genymotion, AVD & Tools
■ iOS:
● Preferably Mac, or a high (good) config laptop
● iDevice (iPhone, iPad etc.) [Thanks to Checkra1n]
Tools, Techniques & Resources?
Mobexler: A customised virtual machine, designed to help in penetration testing of Android & iOS
applications.
When to use:
● Does not have Mac
● Don’t want to install a large amount of security tools on Mac
● Want to test Android & iOS apps at the same time, from the same setup
Let’s get to Mobexler then.
Mobexler
Tools?
● Android: https://enciphers.com/awesome-android-application-security/
● iOS: https://enciphers.com/awesome-ios-application-security/
Resources?
● Jailbreaking: https://canijailbreak.com/
● Mobile application hacker's handbook
● OWASP MSTG: https://mobile-security.gitbook.io/mobile-security-testing-guide/
● Talks on iOS & Android Security:
○ Android: https://www.youtube.com/watch?v=B3Udl86Zu20&t=20700s
○ iOS: https://www.youtube.com/watch?v=B3Udl86Zu20&t=22920s
○ Demystifying Frida: https://www.youtube.com/watch?v=kd05JjCqViY
● Blogs:
○ iOS Security: http://www.allysonomalley.com/
○ Reverse engg. iOS apps: https://github.com/ivRodriguezCA/RE-iOS-Apps
○ Android Security:
https://medium.com/knowing-android/modern-security-in-android-part-1-6282bcb71e6c
Tools, Techniques & Resources?
Resources?
● Frida Cheat Sheet, for Android: https://erev0s.com/blog/frida-code-snippets-for-android/
● Android App Reverse Engg: https://maddiestone.github.io/AndroidAppRE/
Techniques:
● Jailbreak bypass in iOS: https://syrion.me/blog/ios-swift-antijailbreak-bypass-frida/
● SSL Pinning bypass: https://www.cyclon3.com/bypass-instagram-ssl-certificate-pinning-for-ios
● Xamarin cert pinning bypass:
https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/
● Frida scripts: https://codeshare.frida.re/
● Frida Scripts: https://github.com/0xdea/frida-scripts
Trainings:
● iOS Application Security: https://www.enciphers-trainings.com/p/ios-application-security
Tools, Techniques & Resources?
Questions?(There's) no such thing as a stupid question.
CREDITS: This presentation template was created by Slidesgo, including
icons by Flaticon, and infographics & images by Freepik.
THANKS!
Do you have more questions?
a@enciphers.com
Join Slack: Invite Link

More Related Content

What's hot (20)

PPTX
Down The Rabbit Hole, From Networker to Security Professional
Satria Ady Pradana
 
PPTX
Owasp for testing_mobile_apps_opd
Pawel Rzepa
 
PPTX
Red team Engagement
Indranil Banerjee
 
PPTX
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
PDF
Threat Hunting Report
Morane Decriem
 
PPTX
How to assign a CVE to yourself?
Ramin Farajpour Cami
 
PDF
Enabling effective hunt teaming and incident response
jeffmcjunkin
 
PPTX
Maltego Webinar Slides
ThreatConnect
 
PDF
OSINT Basics for Threat Hunters and Practitioners
Megan DeBlois
 
PPTX
Berkarir di Cyber Security
Satria Ady Pradana
 
PDF
Threat Hunting with Splunk
Splunk
 
PPTX
Threat hunting and achieving security maturity
DNIF
 
PDF
Security by Design: An Introduction to Drupal Security
Tara Arnold
 
PPTX
Abstract Tools for Effective Threat Hunting
chrissanders88
 
PPTX
Malware Analysis
Ramin Farajpour Cami
 
PDF
Enfilade: Tool to Detect Infections in MongoDB Instances
Aditya K Sood
 
PPTX
Basics of getting Into Bug Bounty Hunting
Muhammad Khizer Javed
 
PPS
Information Gathering with Google (c0c0n - India)
Maximiliano Soler
 
PDF
Advanced Threats and Lateral Movement Detection
Greg Foss
 
PPTX
Threat Hunting with Splunk Hands-on
Splunk
 
Down The Rabbit Hole, From Networker to Security Professional
Satria Ady Pradana
 
Owasp for testing_mobile_apps_opd
Pawel Rzepa
 
Red team Engagement
Indranil Banerjee
 
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
Threat Hunting Report
Morane Decriem
 
How to assign a CVE to yourself?
Ramin Farajpour Cami
 
Enabling effective hunt teaming and incident response
jeffmcjunkin
 
Maltego Webinar Slides
ThreatConnect
 
OSINT Basics for Threat Hunters and Practitioners
Megan DeBlois
 
Berkarir di Cyber Security
Satria Ady Pradana
 
Threat Hunting with Splunk
Splunk
 
Threat hunting and achieving security maturity
DNIF
 
Security by Design: An Introduction to Drupal Security
Tara Arnold
 
Abstract Tools for Effective Threat Hunting
chrissanders88
 
Malware Analysis
Ramin Farajpour Cami
 
Enfilade: Tool to Detect Infections in MongoDB Instances
Aditya K Sood
 
Basics of getting Into Bug Bounty Hunting
Muhammad Khizer Javed
 
Information Gathering with Google (c0c0n - India)
Maximiliano Soler
 
Advanced Threats and Lateral Movement Detection
Greg Foss
 
Threat Hunting with Splunk Hands-on
Splunk
 

Similar to Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources (20)

PDF
Security testing in mobile applications
Jose Manuel Ortega Candel
 
PDF
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
TekRevol LLC
 
PDF
Understanding Mobile App Security Testing_ What It Is and How to Perform It.pdf
kalichargn70th171
 
PDF
Challenges in Testing Mobile App Security
Cygnet Infotech
 
PDF
Understanding Mobile App Security Testing_ What It Is and How to Perform It.pdf
flufftailshop
 
PDF
Top Mobile Application Penetration Testing Tools for Android and iOS.pdf
ElanusTechnologies
 
PPTX
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Romansh Yadav
 
PDF
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
Felipe Prado
 
PPT
Mobile code mining for discovery and exploits nullcongoa2013
Blueinfy Solutions
 
PPTX
Mobile application security
Shubhneet Goel
 
PPTX
Mobile Application Security
Ishan Girdhar
 
PDF
Why Mobile App Penetration Testing Matters.pdf
CyberPro Magazine
 
PPTX
Droidcon mobile security
Judy Ngure
 
PDF
All You Need to Know About Application Security Testing.pdf
kalichargn70th171
 
PPTX
Untitled 1
Sergey Kochergan
 
PPTX
Security testing of mobile applications
GTestClub
 
PPTX
Android pentesting
Mykhailo Antonishyn
 
PDF
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Abhinav Mishra
 
PDF
Getting started with Android pentesting
Minali Arora
 
PDF
Mobile arsenal
Ackcent
 
Security testing in mobile applications
Jose Manuel Ortega Candel
 
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
TekRevol LLC
 
Understanding Mobile App Security Testing_ What It Is and How to Perform It.pdf
kalichargn70th171
 
Challenges in Testing Mobile App Security
Cygnet Infotech
 
Understanding Mobile App Security Testing_ What It Is and How to Perform It.pdf
flufftailshop
 
Top Mobile Application Penetration Testing Tools for Android and iOS.pdf
ElanusTechnologies
 
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Romansh Yadav
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
Felipe Prado
 
Mobile code mining for discovery and exploits nullcongoa2013
Blueinfy Solutions
 
Mobile application security
Shubhneet Goel
 
Mobile Application Security
Ishan Girdhar
 
Why Mobile App Penetration Testing Matters.pdf
CyberPro Magazine
 
Droidcon mobile security
Judy Ngure
 
All You Need to Know About Application Security Testing.pdf
kalichargn70th171
 
Untitled 1
Sergey Kochergan
 
Security testing of mobile applications
GTestClub
 
Android pentesting
Mykhailo Antonishyn
 
Android "Fight Club" : In pursuit of APPiness -- null Humla Delhi Chapter
Abhinav Mishra
 
Getting started with Android pentesting
Minali Arora
 
Mobile arsenal
Ackcent
 

More from OWASP Delhi (20)

PDF
Securing dns records from subdomain takeover
OWASP Delhi
 
PDF
Effective Cyber Security Report Writing
OWASP Delhi
 
PPTX
Data sniffing over Air Gap
OWASP Delhi
 
PPTX
UDP Hunter
OWASP Delhi
 
PDF
Demystifying Container Escapes
OWASP Delhi
 
PPTX
Automating WAF using Terraform
OWASP Delhi
 
PPTX
Actionable Threat Intelligence
OWASP Delhi
 
PPTX
Owasp top 10 vulnerabilities
OWASP Delhi
 
PPTX
Recon with Nmap
OWASP Delhi
 
PPTX
Securing AWS environments by Ankit Giri
OWASP Delhi
 
PDF
DMARC Overview
OWASP Delhi
 
PDF
Cloud assessments by :- Aakash Goel
OWASP Delhi
 
PDF
Pentesting Rest API's by :- Gaurang Bhatnagar
OWASP Delhi
 
ODP
Wireless security beyond password cracking by Mohit Ranjan
OWASP Delhi
 
PDF
IETF's Role and Mandate in Internet Governance by Mohit Batra
OWASP Delhi
 
PDF
Malicious Hypervisor - Virtualization in Shellcodes by Adhokshaj Mishra
OWASP Delhi
 
PPTX
ICS Security 101 by Sandeep Singh
OWASP Delhi
 
PDF
Thwarting The Surveillance in Online Communication by Adhokshaj Mishra
OWASP Delhi
 
ODP
Hostile Subdomain Takeover by Ankit Prateek
OWASP Delhi
 
PDF
DFIR using Docker Containers by Deep Shankar Yadav
OWASP Delhi
 
Securing dns records from subdomain takeover
OWASP Delhi
 
Effective Cyber Security Report Writing
OWASP Delhi
 
Data sniffing over Air Gap
OWASP Delhi
 
UDP Hunter
OWASP Delhi
 
Demystifying Container Escapes
OWASP Delhi
 
Automating WAF using Terraform
OWASP Delhi
 
Actionable Threat Intelligence
OWASP Delhi
 
Owasp top 10 vulnerabilities
OWASP Delhi
 
Recon with Nmap
OWASP Delhi
 
Securing AWS environments by Ankit Giri
OWASP Delhi
 
DMARC Overview
OWASP Delhi
 
Cloud assessments by :- Aakash Goel
OWASP Delhi
 
Pentesting Rest API's by :- Gaurang Bhatnagar
OWASP Delhi
 
Wireless security beyond password cracking by Mohit Ranjan
OWASP Delhi
 
IETF's Role and Mandate in Internet Governance by Mohit Batra
OWASP Delhi
 
Malicious Hypervisor - Virtualization in Shellcodes by Adhokshaj Mishra
OWASP Delhi
 
ICS Security 101 by Sandeep Singh
OWASP Delhi
 
Thwarting The Surveillance in Online Communication by Adhokshaj Mishra
OWASP Delhi
 
Hostile Subdomain Takeover by Ankit Prateek
OWASP Delhi
 
DFIR using Docker Containers by Deep Shankar Yadav
OWASP Delhi
 

Recently uploaded (20)

PDF
"Beyond English: Navigating the Challenges of Building a Ukrainian-language R...
Fwdays
 
PPTX
AUTOMATION AND ROBOTICS IN PHARMA INDUSTRY.pptx
sameeraaabegumm
 
PDF
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
PDF
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
"AI Transformation: Directions and Challenges", Pavlo Shaternik
Fwdays
 
PDF
Mastering Financial Management in Direct Selling
Epixel MLM Software
 
PDF
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
PDF
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
PDF
Staying Human in a Machine- Accelerated World
Catalin Jora
 
PPTX
"Autonomy of LLM Agents: Current State and Future Prospects", Oles` Petriv
Fwdays
 
PDF
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
PDF
POV_ Why Enterprises Need to Find Value in ZERO.pdf
darshakparmar
 
PPTX
The Project Compass - GDG on Campus MSIT
dscmsitkol
 
PDF
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
PDF
IoT-Powered Industrial Transformation – Smart Manufacturing to Connected Heal...
Rejig Digital
 
PDF
Smart Trailers 2025 Update with History and Overview
Paul Menig
 
PDF
Transforming Utility Networks: Large-scale Data Migrations with FME
Safe Software
 
PPTX
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
PPTX
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
"Beyond English: Navigating the Challenges of Building a Ukrainian-language R...
Fwdays
 
AUTOMATION AND ROBOTICS IN PHARMA INDUSTRY.pptx
sameeraaabegumm
 
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
"AI Transformation: Directions and Challenges", Pavlo Shaternik
Fwdays
 
Mastering Financial Management in Direct Selling
Epixel MLM Software
 
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
Staying Human in a Machine- Accelerated World
Catalin Jora
 
"Autonomy of LLM Agents: Current State and Future Prospects", Oles` Petriv
Fwdays
 
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
POV_ Why Enterprises Need to Find Value in ZERO.pdf
darshakparmar
 
The Project Compass - GDG on Campus MSIT
dscmsitkol
 
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
IoT-Powered Industrial Transformation – Smart Manufacturing to Connected Heal...
Rejig Digital
 
Smart Trailers 2025 Update with History and Overview
Paul Menig
 
Transforming Utility Networks: Large-scale Data Migrations with FME
Safe Software
 
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 

Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources

  • 1. Getting Started With Hacking Android & iOS Apps Tools, Techniques & Resources
  • 2. Abhinav Mishra Founder, ENCIPHERS ENCIPHERS InfoSec Consulting | Training @enciphers_ @0ctac0der www.enciphers.com
  • 3. Mobile Application Penetration Testing What to do? What Why to do? How to do? Where to go, if you are stuck? Why How Where
  • 4. This is a 1 hour talk. I strongly believe that in focusing on technical parts in one hour, is not the best approach. Hence, this talk will majorly be about the methodology and discussing resources. Disclaimer
  • 5. What to test? What to look for? The methodology should be based on knowledge, not the tools 01
  • 6. What? The mobile application penetration testing is mainly divided in two parts: ● Static Analysis ○ As the name suggests, stuff that can be tested statically. Maybe even without installing the app. ● Dynamic Analysis ○ As the name suggests, stuff that can be tested when the app is running. Network calls, crypto, storage etc.
  • 7. What? What are the ingredients of a mobile application? ● Do you know the structure of the application package? ○ IPA | APK ~ Zip ● Manifest | Plist ● Resources that the app would need ● Source code ● XML? Config? Res? Certs etc.
  • 8. What? What happens when you install and use a mobile app? ● Permission on device? ○ To access data, use hardware, access other apps etc. ● Provide personal/account data. ○ Username/Email/Password etc. ● Network calls? ○ TLS? MITM? ● On device Security? Data at rest. ○ Crypto? Storage details ● API Security? ○ IDOR? ○ Authorisation/Authentication?
  • 9. What? Anything else on the device which: ● Handles user and application data ● Handles network connection ● Uses device permissions ● Implements a security control
  • 10. Ok, so we know what all things are there to be tested/analysed. But why do we need to test each of these things? ● Static Analysis: ○ Sensitive information inside app package might lead to more attack surface. ○ Bad crypto implementation might be bypassed. ● Dynamic Analysis ○ User and application internal data should be safeguarded ○ Not implementing a security control is a security issue, bypassing it might not always be ○ Request and response is the place where all the action happens, this should be secure ○ APIs, are the biggest source of vulnerabilities in mobile applications Why?
  • 11. If you know what to test and why to test, then finding or knowing how to test that might be the easiest part. IMHO, majority of people focus only on this section… ● What tools to use? ● How to use the tools? ● Click to hack/secure applications So, let’s talk about how to do each of these.... How?
  • 12. What to test? ● Mobile Application Security Testing Checklist How to test? ● Setting up lab? ○ Hardware Requirements: ■ Android: ● Android Studio/ADB ● Any virtual device, Genymotion, AVD & Tools ■ iOS: ● Preferably Mac, or a high (good) config laptop ● iDevice (iPhone, iPad etc.) [Thanks to Checkra1n] Tools, Techniques & Resources?
  • 13. Mobexler: A customised virtual machine, designed to help in penetration testing of Android & iOS applications. When to use: ● Does not have Mac ● Don’t want to install a large amount of security tools on Mac ● Want to test Android & iOS apps at the same time, from the same setup Let’s get to Mobexler then. Mobexler
  • 14. Tools? ● Android: https://enciphers.com/awesome-android-application-security/ ● iOS: https://enciphers.com/awesome-ios-application-security/ Resources? ● Jailbreaking: https://canijailbreak.com/ ● Mobile application hacker's handbook ● OWASP MSTG: https://mobile-security.gitbook.io/mobile-security-testing-guide/ ● Talks on iOS & Android Security: ○ Android: https://www.youtube.com/watch?v=B3Udl86Zu20&t=20700s ○ iOS: https://www.youtube.com/watch?v=B3Udl86Zu20&t=22920s ○ Demystifying Frida: https://www.youtube.com/watch?v=kd05JjCqViY ● Blogs: ○ iOS Security: http://www.allysonomalley.com/ ○ Reverse engg. iOS apps: https://github.com/ivRodriguezCA/RE-iOS-Apps ○ Android Security: https://medium.com/knowing-android/modern-security-in-android-part-1-6282bcb71e6c Tools, Techniques & Resources?
  • 15. Resources? ● Frida Cheat Sheet, for Android: https://erev0s.com/blog/frida-code-snippets-for-android/ ● Android App Reverse Engg: https://maddiestone.github.io/AndroidAppRE/ Techniques: ● Jailbreak bypass in iOS: https://syrion.me/blog/ios-swift-antijailbreak-bypass-frida/ ● SSL Pinning bypass: https://www.cyclon3.com/bypass-instagram-ssl-certificate-pinning-for-ios ● Xamarin cert pinning bypass: https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/ ● Frida scripts: https://codeshare.frida.re/ ● Frida Scripts: https://github.com/0xdea/frida-scripts Trainings: ● iOS Application Security: https://www.enciphers-trainings.com/p/ios-application-security Tools, Techniques & Resources?
  • 16. Questions?(There's) no such thing as a stupid question.
  • 17. CREDITS: This presentation template was created by Slidesgo, including icons by Flaticon, and infographics & images by Freepik. THANKS! Do you have more questions? [email protected] Join Slack: Invite Link