Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Welcome to the full schedule of the OWASP AppSec Research EU 2014 conference days
View analytic
Wednesday, June 25 • 14:40 - 15:30
Smart Storage Scanning for Mobile Apps - Attacks and Exploit

Sign up or log in to save this to your schedule and see who's attending!

Mobile application hacking and its security is becoming a major concern in today’s world specially with BYOD and user’s jailbreaking/rooting their devices. Scanning and vulnerabilities detections are two major areas for mobile applications in current state. Attacking techniques and exploit delivery on different platform are evolving, protection is even tougher as code base are different. The frequency of release for the mobile application is significantly higher than the web application. It is imperative to scan these applications before loading and launching for different platforms. 

Amongst the mobile attacks described in OWASP Mobile Top 10 project, Local storage being the key attack which affects the security and privacy of the user. Need for an hour is to have automated program to penetrate local storage in most widely used mobile platform (android and iOS). Interestingly, Android SDK provides an API which can be used to monitor file system. On the iOS, one needs to use jailbreak device to attack local storage. Along with presentation, new version of the free tools (Separate for android and iOS) will be released. Android tool uses API to monitor android file system where iOS tool relies on OS features. Methodology to perform application penetration testing using the tools will be demonstrated along with several different demonstrations on attacking local storage for both platforms along with defense strategies.

Speakers
avatar for Hemil Shah

Hemil Shah

Hemil Shah, CISSP, CSSLP, ACP is the founder and Director of eSphere Security, a company that provides Professional services in Security Arena. He has worked with HBO, KPMG, IL&FS and Net-Square in security space. He has published several advisories, tools, and Whitepapers, and has presented at numerous conferences. Hemil is expert in Mobile Application Security, Application Security, researching new methodologies and training designs. He has... Read More →


Wednesday June 25, 2014 14:40 - 15:30
LAB002
  • Company 43

Attendees (9)