Mobile Penetration Testing


Objective Course is designed to give hands on exposure to tools & technologies used for mobile penetration testing. Course all includes insight into mobile security testing and reverse engineering. Understanding mobile platforms, security architecture of mobile OS, detailed analysis of APK file, reverse engineering and APK analysis. Course also provides understanding of traffic analysis of android platform, static & dynamic analysis of APK files, permission analysis & escalation, use of mobile RATs, counter strategy for mobile malwares & APTs. Course aims to train the participants with concepts and practical to carry out mobile penetration testing. Course includes intermediate to advance concepts, tools & technologies used in mobile security assessment.

Course Content
  • Understanding Mobile Platform
    1. OS Architecture for Mobile platforms
    2. Security & Access control in mobile platforms
    3. Design & Architecture of Mobile Applications
  • Android Studio & Android Debug Bridge (ADB)
    1. Android Emulator & Device Setup
    2. Android architecture & Rooting
    3. Android wireless access
    4. Proxy for Android & CA installation
    5. Android vulnerability application setup
  • Android Application Review. Reverse Engineering and App Analysis
    1. APK file structure
    2. Reverse Engineering & De-compilation of apk file
    3. Reversing and Re-compiling With APKTool
    4. APK teardown using Dexplorer
    5. Static vs Dynamic Analysis of Mobile Apps (QARK)
    6. Tool based Dynamic Analysis of mobile apps (Inspeckage &Xposed)
    7. Traffic Analysis
  • Compromising Android platforms
    1. Using Mobile RATs, AndroRat , zANTI & dSploit
    2. Hackode (The Hacker’s Toolbox)
  • Malwares and Advanced Persistent threats
    1. MobSF & Malware Analysis
    2. Security Assessment with Drozer , Intent sniffing
    3. Fuzzing using Burp - Password Brute-Force
    4. Using RATS , IDA pro , Android Security Guidelines




Basic (4.5/5) , Follow up course with hands on skills
40 Hours
Lab Based (20% Theory , 80% Practical)
• Apps Penetration testers, security professionals, enthusiasts and amateurs • Mobile application developers
Registration via portal, Must clear CS Essentials
Certification of Participation