Completed
Exploiting the JavaScript to Java bridge (CVE-2013-4710)
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Combining Security Risks of Native and Web Development in Hybrid Apps - AppSec EU 2017
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Hybrid mobile apps
- 3 The architecture of Apache Cordova
- 4 Example app
- 5 One framework, many names
- 6 Cordova in the real world
- 7 What we have learned: plugin use
- 8 Why is it hard to the the security of hybrid apps
- 9 Example: Get Phone Number
- 10 Weak spot: JS Java bridge
- 11 Exploiting the JavaScript to Java bridge (CVE-2013-4710)
- 12 Never use http without SSL, or even iframes! Device
- 13 Recommendations: the (hopefully) obvious parts
- 14 Recommendations: we should not forget
- 15 Did you know
- 16 Recommendation: use the latest framework version
- 17 If you are using static analysis: Considerations
- 18 If you are using static analysis: Recommendations
- 19 If you are using dynamic analysis (e... pen testing)
- 20 Conclusion