Explore runtime manipulation techniques for Android and iOS applications in this conference talk from AppSecUSA 2014. Delve into powerful tools and methods for runtime analysis, memory manipulation, and binary analysis to enhance mobile application security testing skills. Learn about cycript, snoop-it, jdb, and other tools for runtime manipulation and memory analysis. Gain insights into iOS execution flow, method swizzling, memory dumping, and Android decompiling. Discover how to improve mobile security testing results and better understand security controls in mobile applications. Suitable for pen testers and security professionals looking to expand their mobile security toolbox.
Runtime Manipulation of Android and iOS Applications - Mobile Security Testing
Overview
Syllabus
Intro
Runtime Analysis and Manipulation
Runtime Analysis: Android
Runtime Analysis: iOS
Snoop-it Features
IOS Execution Flow
Cycript Common Functions
Cycript Method Swizzling
Memory Dumping and Analysis
Memory Analysis: Android
Memory Analysis: iOS
IOS Binary Analysis
Disassembler
Other Tools..
Android: Decompiling
Example: Android Decompiling
Example: Decompile & Re-compile
Taught by
OWASP Foundation
Related Courses
-
Runtime Manipulation of Android and iOS Applications
-
AppSecUSA 2014 - Breakers Track Sessions
-
iOS App Integrity: Enhancing Security with Encrypted Code Modules
-
Runtime Memory Analysis Tool for Mobile Apps
-
Deep Dive into Android RunTime for Dynamic Binary Analysis
-
Ten Secrets to Secure Mobile Applications
