Completed
If you are using dynamic analysis (e... pen testing)
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Combining Security Risks of Native and Web Development in Hybrid Apps - AppSec EU 2017
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Hybrid mobile apps
- 3 The architecture of Apache Cordova
- 4 Example app
- 5 One framework, many names
- 6 Cordova in the real world
- 7 What we have learned: plugin use
- 8 Why is it hard to the the security of hybrid apps
- 9 Example: Get Phone Number
- 10 Weak spot: JS Java bridge
- 11 Exploiting the JavaScript to Java bridge (CVE-2013-4710)
- 12 Never use http without SSL, or even iframes! Device
- 13 Recommendations: the (hopefully) obvious parts
- 14 Recommendations: we should not forget
- 15 Did you know
- 16 Recommendation: use the latest framework version
- 17 If you are using static analysis: Considerations
- 18 If you are using static analysis: Recommendations
- 19 If you are using dynamic analysis (e... pen testing)
- 20 Conclusion