New Mobile Security Course and ExploitMe Mobile

October 15, 2011

At Security Compass, we have been working hard to expand our training offerings. We’re most excited about our new Mobile Hacking and Security course. If your organization is working with mobile applications this course is a fantastic primer on how mobile apps can be hacked, and how your teams can defend against these software defects. We’ll also teach your staff some insightful concepts as to how best to protect your mobile applications and best of all, we’ve created hands on Mobile Labs that your staff can test their learning on. They’ll learn to see how attackers break mobile apps, insecure source code and how to fix such issues!

Speaking of the labs, we want to do our part to give back to the AppSec community so we’re going to open source our lab component!

ExploitMe Mobile will be an open source project (using the BSD License) that any of you can help contribute to. Being appsec professionals, our labs are focused on understanding both the insecure aspect of mobile coding and how we can build a more secure version. The great thing is we have versions of our App for both Android and iPhone, two of the leading OS for mobile at the moment.

Our labs will allow you to learn mobile security through an insecure application. The app contains the following issues:

  • Parameter manipulation of traffic
  • Insecure communications
  • Weak password lock screens
  • Insecure memory management
  • Weak file system permissions
  • Insecure storage of files
  • Insecure logging of information

We’ve published our Labs and quick guides as to how to install the labs onto your iPhone or Android devices/emulators:

Please give it a shot and let us know how you like it. You can message me on twitter @oliverseccom and I’ll try to help with any question you may have!

Previous Article
The Cultural Challenges of Application Security
The Cultural Challenges of Application Security

By Nima Dezhkam and Rohit Sethi Steve, the application security expert, walks into a room of his company’s ...

Next Article
Common Mobile Application Security Pitfalls
Common Mobile Application Security Pitfalls

It is a well-documented fact that information transfer over the internet is transitioning over to mobile de...

Learn how you can use SD Elements to integrate security into software development.

Watch Video