Upload File

appseceu 2015 mobile app reverse engineering / hacking ... · mobile app reverse engineering /...

  • Home
  • Documents
  • AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC
12
AppSecEU 2015 Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification Prevention Project

Upload: others

Post on 30-Jun-2020

7 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

AppSecEU 2015 Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification Prevention Project

Page 2: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Back By Popular Demand! Workshop Details

•  Thursday, May 21st at 9:15am-12:40pm AppSecEU

•  Main session floor and dedicated workshop room

•  Due to large demand, students must bring own laptop Jailbroken device

•  Maximum capacity 0f 60

Page 3: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

FEEDBACK FROM PREVIOUS WORKSHOPS AT APPSEC USA 2014

Page 4: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Purpose of Workshop •  Goals of workshop:

1.  Learn about the evolution of the mobile threat landscape

2.  Execute actual reverse-engineering and tampering attacks (customized workstation included) against iPhone apps

3.  Explore findings from mobile banking red-team testing projects at several top global banks

Page 5: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Workshop Details

•  Each session lasted 2.5 hours •  Project provided laptops and

jailbroken devices to students

•  Feedback collected •  24 OWASP participants

Page 6: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Feedback Responses

•  Students found the sessions highly informative •  18 participants answered this question: –  16 responded “5”; 2 responded “4”

Page 7: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Feedback Responses

•  Students gain a clear understanding of the project –  12 responded “5”; 4 responded “4”; 1 responded “3”

Page 8: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Feedback Responses

•  Students clearly enjoyed the workshop –  18 out of 18 responded “Yes”

Page 9: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Feedback Responses

•  “This was better than other mobile training/workshops I have attended... the hands on lab was the best part”

•  “Getting hand-on experience and foundation for how to reverse engineer an iOS application was really cool”

•  “Organized, well run, concepts were applicable to real world mobile testing. overall - great work”

Page 10: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Feedback Responses

•  “I would just keep it small (it was today). Having too many people could be an issue.”

•  “Overall I can't think of much to improve the presentation. Maybe have some step by step notes so that students could go through this exercise again afterwards.”

•  “Just need to work out a few quirks with the installation, but otherwise straight-forward and good”

Page 11: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Feedback Responses

•  “Charlotte” •  “Los Angeles” •  “NYC” •  “London”

•  “Denver” •  “Atlanta” •  “Portland” •  “San Francisco”

Page 12: AppSecEU 2015 Mobile App Reverse Engineering / Hacking ... · Mobile App Reverse Engineering / Hacking Workshop OWASP Reverse Engineering and Code Modification ... WORKSHOPS AT APPSEC

Would you like to have the workshop conducted at a chapter meeting or other OWASP event?

•  If you are the head of the OWASP event or local chapter, fill out this form to register your interest:

– http://bit.ly/1v6OzFG


Electronic Reverse Engineering...Reverse engineering PCB's is a necessary process to obtain lost manufacturing files (Gerbers) Sometimes, reverse engineering combined with re-engineering

Having fun with IoT: Reverse Engineering and …...Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices DEFCON 26 –Dennis Giese DEFCON 26 –Dennis Giese 2

44CON London 2015 - reverse reverse engineering

© SERG Reverse Engineering (REportal) REportal: Reverse Engineering Portal (reportal.cs.drexel.edu)

Reverse Engineering archeology: Reverse engineering

iOS apps reverse engineering - Hacking-Lab LiveCD€¦ · › Launch GDB › Set a breakpoint ... iOS apps reverse engineering Author: Julien Bachmann Created Date: 4/12/2011 8:42:10

Hacking your bank with Ruby and reverse engineering (Madrid.rb)

Hacking the best reverse-engineering the tactics of technorati's best bloggers

Reverse engineering

Reverse Engineering & New Product Development · Reverse Engineering & New Product Development What does it mean to reverse engineer something? Reverse engineering is the general

Hands-On Hardware Hacking and Reverse Engineering Techniques

Reverse Engineering

Hacking Web 2.0 JavaScript - Reverse Engineering ... · PDF file2 Hacking JavaScript | Blueinfy Solutions Pvt. Ltd. Problem Domain JavaScript as we know is a client side technology

AppSecUSA 2014 Mobile App Hacking Workshop Feedback · 2020-01-17 · AppSecUSA 2014 Mobile App Hacking Workshop Feedback OWASP Reverse Engineering and Code Modification ... the hands

Reverse Engineering Tool Based on Unified Mapping Method ... · 4D Reverse Engineering Tool. Keywords Reverse Engineering, Imagix-4D Reverse Engineering Tool, Class Diagram 1. Introduction

Hacking the Hacking Team - SANS€¢Hacking Operations & Forensics •Reverse engineering & Malware analysis •Cryptography & Evasion •Machine learning, big data analytics and visualization

Reverse Engineering - agz.esagz.es/Reverse-Engineering/Basic/Reverse Engineering [Security... · © 2008 Security Awareness Korea - i - Reverse Engineering Table of Content Module

Hacking with Reverse Engineering and Defense against it

Lab 5: Android Application Reverse Engineering and Obfuscation · Lab 5: Android Application Reverse Engineering and Obfuscation Introduction Reverse Engineering is a popular hacking

Introduction to the Tools and Techniques of Car Hacking€¦ ·  · 2017-03-12Introduction to the Tools and Techniques of Car Hacking ... Reverse Engineering ... ★ Smartphone Apps

Hacking the EULA: Reverse Benchmarking Web Application Security

Hacking the Code for Reverse-Aging - Medcravemedcraveonline.com/MOJABB/MOJABB-01-00020.pdf · Hacking the Code for Reverse-Aging ... growth maturity. The micro-RNA (miRNA) ... The

Hacking Reverse Mortgages