Completed
Attack: Static Analysis
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Removing Secrets to Make Mobile Apps More MASVS-Secure
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Danger - Hardcoded API Keys
- 3 Mobile Attack Surfaces
- 4 Attack: Static Analysis
- 5 Defense: Obfuscation
- 6 Defense: Play Integrity
- 7 Attack: Manipulator in the Middle
- 8 Defense: Certificate Pinning
- 9 Attack: Bypass Certificate Pinning
- 10 Defense: Harden Channel
- 11 Hide & Seek Observations
- 12 How Do We Authenticate Our Users?
- 13 Design Objectives
- 14 Proposed Architecture
- 15 Making a 1st Party API Call
- 16 Changing the Signing Secret
- 17 Remote Secrets Storage
- 18 Managing Certificate Pinning
- 19 Signing a Message
- 20 Updating Security Live
- 21 MASVS Resilience
- 22 App Auth as a Service