Price: $3,999.00

Length: 4 Days
Print Friendly, PDF & Email

 

Why should you choose TONEX for your Mobile Ethical Hacking and Mobile Device Security Training?

Mobile Ethical Hacking training course was designed and created to introduce mobile device security basic principals, mobile network architecture, mobile app development, policy and enforcement rules, mobile code analysis, penetration testing and mobile ethical hacking.

Mobile hacking is an emerging threat targeting many end users and enterprises. Cybercriminals launch many mobile attacks including mobile phishing attacks since
they can take advantage of certain limitations of the mobile platform.

Through the hands-on labs and workshop, students will practice and learn about principals around securing mobile devices, mobile applications and mobile networks. Learn how to analyze and evaluate mobile app threats, mobile device penetration and exploit and how the attackers find out about mobile devices and applications weaknesses.

Design and run mobile hacking attacks in the classroom labs. Some of the mobile hacking concepts you will learn to master mobile hacking are:

  • Mobile device and application architecture
  • Mobile and device security functions
  • Mobile networks ethical hacking
  • Mobile security and management
  • Mobile phones, tablets, and applications ethical hacking
  • Mobile penetration testing
  • Mobile device threats, policies, and security models and frameworks
  • Mobile Code and Application Analysis
  • Techniques and Procedures to Secure Mobile Phone
  • Mobile application code analysis, architecture and management
  • Mobile device and application penetration testing methodologies
  • Mobile passive traffic identification
  • Remote root vulnerability exploitation on Android and iOS platforms
  • Mobile privilege escalation hacking
  • Remote access trojan mobile hacking
  • Attacking wireless and mobile network infrastructure devices
  • Hacking by brute forcing remotely
  • Hiding exploit payloads
  • TONEX’s mobile security and ethical hacking framework

Course Objectives

Upon completion of mobile ethical hacking training and mobile applications and device security workshop you will:

  • Communicate mobile device security threats and the risks
  • Describe mobile applications and device Security functions
  • Discover mobile hacking techniques (Android and iOS)
  • List platform and device security models
  • List pitfalls to mobile device security
  • Perform attacks against sample mobile apps to understand the weaknesses that exist in the current device security models
  • Perform mobile app, file system and runtime analysis
  • Assess mobile app and device security
  • Implement secure coding techniques into your mobile development lifecycle
  • Protect your mobile apps from high risk attacks
  • Identify business logic and technical vulnerabilities in your mobile applications
  • Capture the business logic flow of the mobile application
  • Secure mobile applications from technical and business logic perspectives
  • Understand real-world attack techniques
  • Identify the application’s vulnerabilities that can be exploited using installed applications on mobile devices
  • Assess mobile device security issues
  • Test and discover vulnerabilities present in mobile devices, applications, servers and the networks
  • Learn about assessments attempt to detect mobile vulnerabilities
  • Ensure trusted interactions at the application, device and network levels
  • Impersonate valid wireless access points in an attempt
  • Learn about Wireless man-in-the-middle (MITM) attacks
  • Identify and monitor wireless networks that have either no encryption
  • Learn about user authentication, data security
  • Identify and prove critical data breach exposures created by mobile devices in your environment
  • Evaluate the security of new mobile technologies prior to deployment
  • Mitigate operational & reputational risks Assess end-user security awareness of social engineering techniques
  • Learn about the latest mobile phishing
  • Learn about mobile cloud security including iCloud vulnerabilities and hacking techniques

Course Content

Introduction and Executive Summary

  • Principles of Mobile Ethical Hacking
  • Mobile App Ethical Hacking and Penetration Testing Principles
  • Mobile Application Security Assessments for applications
  • Hacking and pentesting mobile applications and systems
  • Hacking techniques and pentesting mobile clouds
  • Mobile Device Threats, Policies, and Security Models
  • Mobile Device Architecture Security and Management
  • Mobile Code and Application Analysis
  • Ethical Hacking Mobile Networks
  • Ethical Hacking Mobile Phones, Tablets, and Applications
  • Secure Mobile Phone Capture the Flag
  • Exploiting and penetrating mobile applications
  • Overview of mobile vulnerabilities
  • Security and performance flaw

Stages of Mobile Ethical Hacking

  • Mobile reconnaissance
  • Mobile scanning & enumeration
  • Gaining Access to mobile device, application and mobile cloud
  • Escalation of privileges
  • Maintaining access
  • Covering tracks

Overview of Mobile platforms and Mobile Security Fundamentals

  • Overview of Mobile Platforms
  • Control functions
  • Networks: GSM, CDMA, UMTS, LTE, WiFi, Bluetooth, NFC
  • Hardware: Baseband layer attacks
  • Memory corruption defects in firmware
  • OS: Defects in kernel code
  • Applications
  • Codes
  • Apps with vulnerabilities and malicious
  • Implement Vulnerability Assessment Tools and Techniques
  • Scan for Vulnerabilities
  • Mitigation and Deterrent Techniques
  • Mobile Security Threats and Vulnerabilities
  • Social Engineering
  • Physical Threats and Vulnerabilities
  • Network-Based Threats
  • Wireless Threats and Vulnerabilities
  • Software Based Threats
  • Information Security Cycle
  • Information Security Controls
  • Authentication Methods
  • Cryptography Fundamentals
  • Security Policy Fundamentals
  • Mobile computing trends and threats
  • Best practices in mobile device management (MDM)
  • Mobile Device Management (MDM)
  • Centralizing device administration
  • Enabling BYOD in the organization
  • Confronting BYOD challenges
  • Fortifying device synchronization
  • Modifying policies to work with each mobile OS
  • Handling lost or stolen devices
  • Securing the mobile application in the organization
  • Open Web Application Security Project (OWASP)
  • Mobile phone forensics and its implications

Mobile Application Security Basics

  • Browser Based Application
  • HTML5+CSS+JavaScript
  • iOS Application Basics
  • iOS System Architecture
  • Objective C & Cocoa Touch API
  • Android Application Basics
  • Android System Architecture
  • Application program
  • Application Frame
  • Program Library
  • Android Runtime Library
  • Linux Core

Major Mobile Threats

  • Equipment and password protection
  • Sensitive files encryption
  • Boot Rom exploits
  • Password brute force
  • Mobile App Risks
  • Mobile Device Risks at multiple layers
  • Mobile App Ecosystems
  • Mobile App Top 10 Risks
  • Veracode Top 10
  • OWASP Mobile Top 10
  • Malicious Functionality
  • Activity monitoring and data retrieval
  • Unauthorized dialing, SMS, and payments
  • Unauthorized network connectivity (exfiltration or command & control)
  • UI Impersonation
  • System modification (rootkit, APN proxy config)
  • Logic or Time bomb
  • Vulnerabilities
  • Sensitive data leakage (inadvertent or side channel)
  • Unsafe sensitive data storage
  • Unsafe sensitive data transmission
  • Hardcoded password/keys

Mobile Data Security and Implementing Encryption

  • Key storage and retention
  • Master keys
  • Key strength
  • Cipher Specifications
  • Forensic trace
  • Storage of data in protected APIs
  • Built-in encryption vs. custom encryption
  • File permissions and using strong passwords for database security
  • How to hash sensitive data and seed of passwords
  • Storing more data externally on servers
  • Not storing data outside of the applications security
  • Do not store sensitive data, if you can avoid it
  • Protecting data at rest while the device is locked

iOS SDK, APIs, and Security Features

  • Code signing
  • Sandbox
  • Data at rest encryption
  • Generic native exploit mitigation features
  • Non executable memory
  • Stack smashing protection

iOS Data protection API

  • Various levels of protection, driven by developer
  • Complete protection
  • Protected unless open
  • Protected until first user authentication
  • No protections

iOS  Security Framework

  • Common Crypto Libraries
  • Symmetric encryption
  • HMAC
  • Digests
  • Generating secure random numbers
  • Security and limitations of the keychain
  • Keychain access groups
  • Managing certificates and keys

Implementation of Encryption in iOS

  • Common cryptor
  • Logic in applications
  • Certificate and key exchange
  • Authentication and authorization
  • Session management
  • Decryption as authentication, not after

Mobile Service and Network Security

  • Clear text transmission of data
  • Man-in-the-middle attacks
  • Cellular proxy attack (provisioning profile)
  • Insufficient validation of certificates / certificate chain
  • SSL compromise
  • DNS hijacking
  • SSL session with validation
  • Validate originated from a trusted CA
  • Validate the certificate has not been revoked
  • Describe how to implement / validate client-side certificates
  • SSL pinning

Data Encryption APIs

  • PIN vs. complex passphrase
  • Data protection APIs
  • Keychain and vulnerabilities
  • Demonstrate knowledge of Apple’s encrypted file system
  • Journal

Android SDK, APIs and Security Features

  • System and kernel level security
  • Application sandbox
  • Application signing
  • Purpose
  • Key management
  • Permissions
  • File system
  • Application-defined
  • URI permissions

Android Permission Model

  • Protected APIs
  • Requesting permissions
  • Defining permissions
  • Use of signatures
  • Protection levels
  • Summarize the Device Administration API
  • Purpose and appropriate use
  • Letting the user control access to sensitive data
  • Start the contacts activity to let the user select a contact for use by
  • the application rather than require permission to access all contacts
  • Start the camera application to let the user take a picture for use in
  • the application without requiring camera permissions

Secure inter-process communication in Android

  • Public and private components
  • Protecting access to
  • Services
  • Broadcast receivers
  • Activities
  • Content providers
  • Databases
  • Securely accessing third-party components with IPC
  • Types of attacks
  • Confused deputy
  • Intent sniffing
  • Intent hijacking
  • Data disclosure

Application Hardening Principles

  • Apple Digital Rights Management
  • Mach-O object format
  • Symbol table definitions
  • Class-dump
  • Dumping memory
  • Binary stripping
  • Process trace checks
  • Tamper response
  • Counter-debugging techniques
  • Code obfuscations
  • Optimizations
  • Inline functions
  • Encrypted payloads

Spotlighting Mobile Threats

  • IMEI and IMSI
  • Application ID
  • Location
  • Network operator
  • Phone ID and model
  • Phone number
  • Text messages
  • User contact list
  • Recorded phone calls can lead to blackmail
  • Location tracking
  • Stolen text messages
  • Stolen mobile device details
  • Scams, spam, or infections
  • Device Security Model
  • Protocol Analysis
  • Proxying iOS and Android
  • SSL certificate trust
  • Emulator and simulator proxying
  • Physical device proxying
  • Mobile Device File System Analysis
  • Android file system analysis
  • iOS file system analysis
  • SSH access to iOS
  • Mobile App Decompilation
  • Android APK packaging
  • iOS packaging
  • Mobile Run-time Analysis
  • Mobile Cryptography
  • Device API Weaknesses
  • SSL
  • XML Parsing
  • Virtual Keyboards
  • Copy and Paste
  • Snapshots
  • Geolocation
  • Address Book API
  • URL Handlers
  • Jailbreak detection
  • Mobile malware

Managing Mobile Public Key Infrastructure (PKI)

  • Install a Certificate Authority (CA) Hierarchy
  • Back Up a CA
  • Restore a CA
  • Managing Certificates
  • Enroll Certificates
  • Renew Certificates
  • Revoke Certificates
  • Back Up Certificates and Private Keys
  • Restore Certificates and Private Keys

Mobile Compliance and Operational Security

  • Physical Security
  • Legal Compliance
  • Security Awareness and Training
  • Managing Risk
  • Risk Analysis
  • Implement Risk Mitigation Strategies

Mobile Application Penetration Testing

  • Reconnaissance
  • Mapping
  • Discovery
  • Exploitation
  • Reporting
  • Ethical attack
  • Application’s security controls
  • Risks posed by actual exploitable vulnerabilities.
  • Application mapping
  • Reverse engineering
  • Proprietary tools
  • Input Validation
  • Buffer Overflow
  • Cross Site Scripting
  • URL Manipulation
  • SQL Injection
  • Hidden Variable Manipulation
  • Cookie Modification
  • Authentication Bypass
  • Code Execution
  • Injections
  • Broken authentication and session management
  • Cross-site scripting
  • Insecure direct object references
  • Security misconfiguration
  • Sensitive data exposure
  • Missing function level access control
  • Cross-site request forgery
  • Using components with known vulnerabilities
  • Unvalidated redirects and forwards

Pentesting iOS, Android and Windows  Applications

  • Areas of focus
  • Network Communication -Privacy
  • Application Data Storage
  • Reverse Engineering -URL Schemes -Push Notification
  • Jailbreak
  • Encrypted Transmission
  • HTTPS and SSL
  • CA certificate
  • Application data storage
  • Data storage location
  • Plist file
  • Keychain
  • Logs

Mobile Application Security Assessment and Penetration Testing

  • Mobile Application Penetration Assessments
  • Identify weaknesses in the default installation
  • Bypass authentication and authorization mechanisms
  • Escalate privileges
  • Access and modify data or data presentation
  • Attack vectors
  • Data validation (SQL injection, Cross-Site Scripting, buffer overflows, etc.)
  • Session management
  • Access controls (authentication and authorization controls)
  • Cryptography
  • Third-party components (patching, configuration errors, etc.)
  • Mobile Device Security Models
  • Privilege and access models on multiple platforms
  • Device encryption support and threats
  • Emerging changes in platform security from Android and Apple
  • Policy Considerations and Development

Attacks and Pentesting Mobile  Applications

  • Attacking test based systems
  • Attacking test based application
  • Attacking test based transmission link
  • Application attack testing
  • Bypassing passcode locks
  • Decrypting credentials
  • Accessing mobile device backup data
  • Unlocking, Rooting, Jailbreaking Mobile Devices
  • Mobile Phone Data Storage and Filesystem Architecture
  • Filesystem Application Modeling
  • Mobile application network capture
  • Mobile app data extraction
  • Reverse engineering iOS binaries in Objective-C
  • Reverse engineering Android binaries in Java
  • Data access policies
  • Fingerprinting mobile devices
  • Monitoring network probing activity
  • Network scanning and assessment
  • Exploiting weak wireless infrastructure
  • Monitoring mobile device network scanning
  • Certificate impersonation and mobile devices
  • Network Manipulation Attacks
  • Exploiting mobile application authentication vulnerabilities
  • Site impersonation attacks
  • Exploiting SQL injection in mobile application frameworks

Workshops

  • Creating the mobile threat matrix model
  • Creating a security policy framework
  • Evaluating vulnerabilities
  • Techniques for mobile hacking
  • Creating a mobile security assessment plan
  • Assessing mobile network and device vulnerabilities
  • Mobile malware defense
  • Mobile cloud defense

 

WARNING:  It is illegal to access a mobile device, application, or mobile network for which you have no authorization to use.  Many criminal laws are available in several different countries to cover criminal computer fraud and abuse including mobile devices and applications.

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.