Hack Your App - Intro to Mobile Security Testing
Presented by: Hans Weisheimer
Your phone really doesn’t want you to see what’s going on under the hood - it’s a feature. Many of the introspection capabilities that exist for web development are absent by default on mobile platforms. This is particularly frustrating when you need to validate assumptions or security controls during development.
But with a few open source tools and an unmodified device, you can do sneaky things like:
- Eavesdrop on network traffic
- Pilfer files, databases, and caches
- Steal secrets from the Keychain
- Lie to the app about security events
You will leave with a basic understanding of how to audit your mobile apps, along with a set of resources for further study. Quick reference sheets will be available to take home or download.