Explore real-world threat scenarios, attacks on mobile applications, and ways to counter them
About This Book
Gain insights into the current threat landscape of mobile applications in particular
Explore the different options that are available on mobile platforms and prevent circumventions made by attackers
This is a step-by-step guide to setting up your own mobile penetration testing environment
Who This Book Is For
If you are a mobile application evangelist, mobile application developer, information security practitioner, penetration tester on infrastructure web applications, an application security professional, or someone who wants to learn mobile application security as a career, then this book is for you. This book will provide you with all the skills you need to get started with Android and iOS pen-testing.
What You Will Learn
Gain an in-depth understanding of Android and iOS architecture and the latest changes
Discover how to work with different tool suites to assess any application
Develop different strategies and techniques to connect to a mobile device
Create a foundation for mobile application security principles
Grasp techniques to attack different components of an Android device and the different functionalities of an iOS device
Get to know secure development strategies for both iOS and Android applications
Gain an understanding of threat modeling mobile applications
Get an in-depth understanding of both Android and iOS implementation vulnerabilities and how to provide counter-measures while developing a mobile app
Mobile security has come a long way over the last few years. It has transitioned from "should it be done?" to "it must be done!"Alongside the growing number of devises and applications, there is also a growth in the volume of Personally identifiable information (PII), Financial Data, and much more. This data needs to be secured.
This is why Pen-testing is so important to modern application developers. You need to know how to secure user data, and find vulnerabilities and loopholes in your application that might lead to security breaches.
This book gives you the necessary skills to security test your mobile applications as a beginner, developer, or security practitioner. You'll start by discovering the internal components of an Android and an iOS application. Moving ahead, you'll understand the inter-process working of these applications. Then you'll set up a test environment for this application using various tools to identify the loopholes and vulnerabilities in the structure of the applications. Finally, after collecting all information about these security loop holes, we'll start securing our applications from these threats.
Style and approach
This is an easy-to-follow guide full of hands-on examples of real-world attack simulations. Each topic is explained in context with respect to testing, and for the more inquisitive, there are more details on the concepts and techniques used for different platforms.
Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.