© Copyright 2016 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
Mobile Penetration Testing, Episode I: THE FORENSIC MENACE

The series:
● Episode I: THE FORENSIC MENACE
● Episode II: RETURN OF THE NETWORK/BACK-END
● Episode III: ATTACK OF THE CODE
Connect
● Twitter: @NowSecureMobile
● Subscribe to #MobSec5, our weekly mobile security news digest: http://mobsec5.nowsecure.com/
● Web: nowsecure.com
Katie Strzempka
Director of Mobile Services | NowSecure
Contents
● Areas of analysis/coverage
● Forensics deep dive: Mobile data at rest
● Approaching Android
● Approaching iOS
Your analysis checklist (a must-have)
● Why a checklist?
○ Consistency across results & teams
○ Creates a minimum baseline for security
● Creating your checklist
○ Internal policies
○ OWASP Top 10, NIAP (for government), etc.
○ Group into high-level categories
○ Break down categories into specific tests
● Allow analysts some leeway to get creative
A repeatable process drives consistency and metrics
● Establish testing requirements
● Identify areas for interpretation/creativity
● Help with on-boarding & training staff
● Show developers what and how you will test
● Explain what must be fixed & what’s accepted
● Ensure full coverage (more on that later)
● Repeatability allows for measurement
● Make reporting consistent
For inspiration, see:
OWASP Mobile Security Testing Guide
Areas of analysis/coverage:
● Mobile forensics & data recovery
● Network, web services, and API testing
● Server-side penetration testing
● Reverse engineering & code analysis
https://www.bostonglobe.com/arts/2015/12/12/how-lightsaber-works/RY5A2SwWShmYiSORqdgMdN/story.html
“You know that [little droid leaking data] is going to
cause me a lot of trouble.”
Where on a mobile device can data-at-rest be found?
● SD card / emulated SD card (Android)
● System log files
● RAM
● Source code (hardcoded values)
● Web cache/history (hybrid/web-wrapper apps)
● Private application folder
● Keychain (iOS)
What tools will allow you to achieve your data recovery and analysis objectives?
● Standard forensic acquisition software will recover file system
● But it won’t:
○ Decrypt Keychain to see if sensitive values are stored
○ Recover syslog files (requires a special Cydia package)
○ Extract memory for running app processes
● Command-line knowledge is required for open-source tools
● The wrong tools can lead you down a tedious, time-consuming path
Sharpest tools in the shed
Target: File system
● Android: Android Debug Bridge (i.e., the “adb pull” command)
● iOS: libimobiledevice
Target: System log files
● Android: logcat command-line tool
● iOS: syslog (instructions for non-developers)
Target: iOS Keychain
● iOS Keychain analyzer
Target: RAM
● Android: Android Debug Bridge (i.e., “adb shell dumpsys meminfo”)
● iOS: heapdump-ios
A full suite of mobile tools: Santoku Linux
Prioritize findings by risk (likelihood + significance + value)
● Risk depends on location of data
● Take into consideration:
○ Sensitivity of the data
○ Likeliness of exploit
○ Remote vs. local attack
● Common Vulnerability Scoring System (CVSS) is one framework for assigning risk to vulnerabilities
(Chart: findings plotted by likelihood vs. significance)
https://en.wikipedia.org/wiki/Finn_(Star_Wars)
“[Droid Android], please!”
Requirements for Android forensic analysis
● Rooted Android device w/ USB cable (we’ll be using a Google Nexus 5)
● Linux machine or VM w/ Android Studio tools (may we recommend Santoku Linux?)
Where does data “rest” on Android?
Common storage areas:
● Private application folder*
● SD Card / Emulated SD Card*
● System log files
● RAM
● Hard-coded data in source code
● Web cache/history (for hybrid/web wrapper apps)
Step 1: Locate your app (adb)
Access the device shell:
Locate the app data directory:
Find the app’s private directory:
Step 2: Pull app data off phone
Pull data from the SD card/app directory:
adb pull <data-path-source> <destination>
Step 3: Analyze app data
App files recovered from Any.do Android app:
http://www.officialpsds.com/Darth-Vader-PSD108098.html
“The [Emperor iOS] is not as forgiving as I am.”
Requirements for iOS forensic analysis
● Linux machine or VM (again, give Santoku Linux a try)
● Jailbroken iOS device (≤ 9.3.3) w/ USB cable (we’ll be using an iPhone 6)
● Remote connection (SSH) & secure copy (SCP): instructions here
Where does data “rest” in iOS?
Common storage areas
● Private application folder*
● Syslog
● RAM
● Keychain
● Hard-coded values
● Web cache/history (for hybrid/web wrapper apps)
Step 1: Locate your app
Remotely connect to your iOS device
App bundles and data location:
App bundles location:
App data location:
Step 1 (continued): Locate your app
Sort by most recently installed:
Change into that directory/make sure it’s the target app:
Step 2: Pull app data off phone
Make note of the full path from the previous step:
/private/var/mobile/Containers/Data/Application/983FCB4E-E5B5-4C8C-A4AF-F9139FE74EC3 (for example)
scp command to copy files from app folder:
Step 3: Analyze app data
App files recovered from Any.do iOS app:
Pointers to keep in mind during forensic analysis
● SQLite databases, plist, and XML files are common: find your favorite viewers
● When searching for data in large files, command-line tools are best: try grep
● Look for data stored as common hashes/encodings (base64, md5, sha256, etc.)
● iOS apps use the “Cache.db” file, which often contains large amounts of data
● Don’t limit yourself: explore storage locations beyond those discussed today!
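A small triage script for the recovered app folder, applying the pointers above (identify SQLite/plist/XML files, search them grep-style, and flag values stored as md5/sha256 hex or base64). This is an added example, not code from the NowSecure deck; the directory layout, file contents and the SENSITIVE_WORDS list are constructed assumptions for the demo, not real Any.do data.

```python
import base64
import re
import sqlite3
import tempfile
from pathlib import Path

# Fragments of column, key or line text worth a closer look (assumed starter list).
SENSITIVE_WORDS = ("password", "passwd", "token", "secret", "session", "ssn", "card")
MD5_RE = re.compile(r"\b[0-9a-f]{32}\b", re.I)
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b", re.I)
# 16+ base64-alphabet chars (optionally padded), not glued to further such chars.
B64_RE = re.compile(r"(?<![A-Za-z0-9+/])(?:[A-Za-z0-9+/]{4}){4,}"
                    r"(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?(?![A-Za-z0-9+/])")

def looks_base64(s):
    """Drop hex digests and plain words; keep only runs that really decode."""
    if re.fullmatch(r"[0-9a-f]+", s, re.I) or not re.search(r"[0-9+/=]", s):
        return False
    try:
        base64.b64decode(s, validate=True)
        return True
    except ValueError:
        return False

def classify(path):
    """Identify a recovered file by magic bytes or extension."""
    head = path.read_bytes()[:16]
    if head.startswith(b"SQLite format 3\x00"):
        return "sqlite"
    if head.startswith(b"bplist00") or path.suffix == ".plist":
        return "plist"
    if head.lstrip().startswith(b"<?xml") or path.suffix == ".xml":
        return "xml"
    return "other"

def scan_text(text, where):
    """Yield (location, kind, value) for keyword hits and hashed/encoded values."""
    for word in SENSITIVE_WORDS:
        if word in text.lower():
            yield (where, "keyword:" + word, text.strip()[:80])
    for kind, rx in (("sha256", SHA256_RE), ("md5", MD5_RE)):
        for m in rx.finditer(text):
            yield (where, kind, m.group(0))
    for m in B64_RE.finditer(text):
        if looks_base64(m.group(0)):
            yield (where, "base64", m.group(0))

def scan_sqlite(path, where):
    """Walk every table: flag sensitive column names, then scan each text cell."""
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    try:
        for (table,) in con.execute("SELECT name FROM sqlite_master WHERE type='table'").fetchall():
            cols = [r[1] for r in con.execute(f'PRAGMA table_info("{table}")')]
            for col in cols:
                if any(w in col.lower() for w in SENSITIVE_WORDS):
                    yield (f"{where}:{table}", "column:" + col, col)
            for row in con.execute(f'SELECT * FROM "{table}"'):
                for col, val in zip(cols, row):
                    if isinstance(val, str):
                        yield from scan_text(val, f"{where}:{table}.{col}")
    finally:
        con.close()

def scan_dir(root):
    """Return (inventory of file types, list of findings) for a recovered folder."""
    inventory, findings = {}, []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        inventory[rel] = classify(path)
        if inventory[rel] == "sqlite":
            findings.extend(scan_sqlite(path, rel))
        else:  # plist/xml/other: line by line, like grep over the file
            for line in path.read_text(errors="replace").splitlines():
                findings.extend(scan_text(line, rel))
    return inventory, findings

def build_sample(root):
    """Constructed stand-in for a pulled Android app folder (not real Any.do data)."""
    for sub in ("databases", "shared_prefs", "files"):
        (root / sub).mkdir()
    con = sqlite3.connect(root / "databases" / "app.db")
    con.execute("CREATE TABLE users (id INTEGER, email TEXT, password_hash TEXT)")
    # Unsalted md5("password"): the kind of stored digest the deck says to look for.
    con.execute("INSERT INTO users VALUES (1, 'alice@example.com', '5f4dcc3b5aa765d61d8327deb882cf99')")
    con.commit(); con.close()
    token = base64.b64encode(b"session-token-0123456789").decode()
    (root / "shared_prefs" / "auth.xml").write_text(
        "<?xml version='1.0' encoding='utf-8'?>\n<map>\n"
        f'  <string name="auth_token">{token}</string>\n'
        '  <boolean name="remember_me" value="true" />\n</map>\n')
    (root / "files" / "debug.log").write_text("2016-12-08 login ok user=alice\n")

def run_demo():
    """Build the sample in a temp dir, scan it and return (inventory, findings)."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(Path(tmp))
        return scan_dir(Path(tmp))

if __name__ == "__main__":
    for where, kind, value in run_demo()[1]:
        print(f"[{kind}] {where}: {value}")
```

Point scan_dir at a folder produced by adb pull or scp to run it against a real recovery; every hit still needs a human to judge sensitivity and risk as the deck describes.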
● Create a checklist and document your process
● Assign responsibility for various test coverage areas
● Select the right tools to find/test for insecure data storage
● Look for data in common areas (but don’t limit yourself)
● If data is found, determine its value and the risk
Episode II: RETURN OF THE NETWORK/BACK-END
Next Thursday, December 15
1 p.m. CST / 11 a.m. PST
REGISTER NOW: http://bit.ly/2g7ZRXd

Let’s talk
NowSecure
+1 312.878.1100
@NowSecureMobile
www.nowsecure.com
Subscribe to #MobSec5 - a digest of the week’s mobile news that matters - http://mobsec5.nowsecure.com/
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Mobile Penetration Testing: Episode 1 - The Forensic Menace

  • 1. © Copyright 2016 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
    Episode I: THE FORENSIC MENACE
  • 2. The series: Episode I: THE FORENSIC MENACE; Episode II: RETURN OF THE NETWORK/BACK-END; Episode III: ATTACK OF THE CODE
  • 3. Connect
    Twitter: @NowSecureMobile
    Subscribe to #MobSec5, our weekly mobile security news digest: http://mobsec5.nowsecure.com/
    Web: nowsecure.com
  • 4. Katie Strzempka, Director of Mobile Services | NowSecure
  • 5. Contents
    ● Areas of analysis/coverage
    ● Forensics deep dive: Mobile data at rest
    ● Approaching Android
    ● Approaching iOS
  • 6. Your analysis checklist (a must have)
    ● Why a checklist?
      ○ Consistency across results & teams
      ○ Creates a minimum baseline for security
    ● Creating your checklist
      ○ Internal policies
      ○ OWASP Top 10, NIAP (for government), etc.
      ○ Group into high-level categories
      ○ Break down categories into specific tests
    ● Allow analysts some leeway to get creative
  • 7. A repeatable process drives consistency and metrics
    ● Establish testing requirements
    ● Identify areas for interpretation/creativity
    ● Help with on-boarding & training staff
    ● Show developers what and how you will test
    ● Explain what must be fixed & what's accepted
    ● Ensure full coverage (more on that later)
    ● Repeatability allows for measurement
    ● Make reporting consistent
    For inspiration, see: OWASP Mobile Security Testing Guide
  • 8. Coverage areas:
    ● Mobile forensics & data recovery
    ● Network, web services, and API testing
    ● Server-side penetration testing
    ● Reverse engineering & code analysis
  • 9. "You know that [little droid leaking data] is going to cause me a lot of trouble."
    Image: https://www.bostonglobe.com/arts/2015/12/12/how-lightsaber-works/RY5A2SwWShmYiSORqdgMdN/story.html
  • 10. Where on a mobile device can data-at-rest be found?
    ● SD card / emulated SD card (Android)
    ● System log files
    ● RAM
    ● Source code (hardcoded)
    ● Web cache/history (hybrid/web-wrapper apps)
    ● Private application folder
    ● Keychain
  • 11. What tools will allow you to achieve your data recovery and analysis objectives?
    ● Standard forensic acquisition software will recover the file system
    ● But it won't:
      ○ Decrypt the Keychain to see if sensitive values are stored
      ○ Recover syslog files (requires a special Cydia package)
      ○ Extract memory for running app processes
    ● Command-line knowledge is required for open-source tools
    ● The wrong tools can lead you down a tedious, time-consuming path
  • 12. Sharpest tools in the shed (target: relevant tools and/or documentation)
    ● File system
      ○ Android: Android Debug Bridge (i.e., the "adb pull" command)
      ○ iOS: libimobiledevice
    ● System log files
      ○ Android: logcat command-line tool
      ○ iOS: syslog (instructions for non-developers)
    ● iOS Keychain
      ○ iOS Keychain analyzer
    ● RAM
      ○ Android: Android Debug Bridge (i.e., "adb dumpsys meminfo")
      ○ iOS: heapdump-ios
    A full suite of mobile tools: Santoku Linux
  • 13. Prioritize findings by risk (likelihood + significance + value)
    ● Risk depends on the location of the data
    ● Take into consideration:
      ○ Sensitivity of the data
      ○ Likelihood of exploit
      ○ Remote vs. local attack
    ● Common Vulnerability Scoring System (CVSS) is one framework for assigning risk to vulnerabilities
    [Chart: Likelihood vs. Significance]
  • 14. "[Droid Android], please!"
    Image: https://en.wikipedia.org/wiki/Finn_(Star_Wars)
  • 15. Requirements for Android forensic analysis
    ● Rooted Android device w/ USB cable (we'll be using a Google Nexus 5)
    ● Linux machine or VM w/ Android Studio tools (may we recommend Santoku Linux?)
  • 16. Where does data "rest" on Android? Common storage areas:
    ● Private application folder*
    ● SD card / emulated SD card*
    ● System log files
    ● RAM
    ● Hard-coded data in source code
    ● Web cache/history (for hybrid/web wrapper apps)
  • 17. Step 1: Locate your app (adb)
    Access the device shell:
    Locate the app data directory:
    Find the app's private directory:
  • 18. Step 2: Pull app data off the phone
    Pull data from the SD card/app directory (adb pull <data-path-source> <destination>):
  • 19. Step 3: Analyze app data
    App files recovered from the Any.do Android app:
  • 20. "The [Emperor iOS] is not as forgiving as I am."
    Image: http://www.officialpsds.com/Darth-Vader-PSD108098.html
  • 21. Requirements for iOS forensic analysis
    ● Linux machine or VM (again, give Santoku Linux a try)
    ● Jailbroken iOS device (≤ 9.3.3) w/ USB cable (we'll be using an iPhone 6)
    ● Remote connection (SSH) & secure copy (SCP); instructions here
  • 22. Where does data "rest" in iOS? Common storage areas:
    ● Private application folder*
    ● Syslog
    ● RAM
    ● Keychain
    ● Hard-coded values
    ● Web cache/history (for hybrid/web wrapper apps)
  • 23. Step 1: Locate your app
    Remotely connect to your iOS device.
    App bundles and data location:
    App bundles location:
    App data location:
  • 24. Step 1 (continued): Locate your app
    Sort by most recently installed:
    Change into that directory / make sure it's the target app:
  • 25. Step 2: Pull app data off the phone
    Make note of the full path from the previous step, for example:
    /private/var/mobile/Containers/Data/Application/983FCB4E-E5B5-4C8C-A4AF-F9139FE74EC3
    scp command to copy files from the app folder:
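The Android step 1-2 and iOS step 1-2 slides above show the commands only as screenshots. The following Python script is an added example for this deck, not NowSecure's tooling and not code from the slides; it turns those steps into one acquisition run. It assumes: adb is on PATH with a single rooted device attached and adbd running as root (so /data/data is readable); the jailbroken iPhone accepts key-based SSH as root, with the host name supplied by you; "ls -t" on the Data/Application folder stands in for the deck's "sort by most recently installed"; and, to cover the slide 24 "make sure it's the target app" check, the hidden .com.apple.mobile_container_manager.metadata.plist that iOS keeps in each data container, whose MCMMetadataIdentifier value is the owning app's bundle id. The package name, bundle id and host in the main block are placeholders.

```python
"""Locate and pull an app's data-at-rest containers, following the deck's
Android steps 1-2 (adb) and iOS steps 1-2 (ssh/scp). Added example for this
deck, not NowSecure's tooling or code from the slides. Assumptions: one rooted
Android device is attached and adb is on PATH with root on the device; the
jailbroken iPhone accepts key-based SSH as root (host name is yours to supply);
and 'ls -t' on Data/Application stands in for "sort by most recently installed"."""
import plistlib
import subprocess
from typing import Callable, Dict, List, Optional

ANDROID_PRIVATE_DIR = "/data/data"              # private application folder
ANDROID_EXTERNAL_DIR = "/sdcard/Android/data"   # per-app area on the emulated SD card
IOS_DATA_CONTAINERS = "/private/var/mobile/Containers/Data/Application"
# Hidden plist iOS keeps in every data container; its MCMMetadataIdentifier
# value is the bundle identifier of the app that owns the container.
IOS_CONTAINER_METADATA = ".com.apple.mobile_container_manager.metadata.plist"


def android_data_paths(package: str) -> Dict[str, str]:
    """On-device paths worth pulling for one package (slides 16-18)."""
    return {"private": f"{ANDROID_PRIVATE_DIR}/{package}",
            "external": f"{ANDROID_EXTERNAL_DIR}/{package}"}


def adb_pull_commands(package: str, dest: str) -> List[List[str]]:
    """argv for 'adb pull <data-path-source> <destination>', one per storage area."""
    return [["adb", "pull", src, f"{dest}/android/{area}"]
            for area, src in android_data_paths(package).items()]


def ssh_runner(host: str) -> Callable[[str], bytes]:
    """Return a function that runs one command on the device and yields its stdout."""
    def run(cmd: str) -> bytes:
        proc = subprocess.run(["ssh", "-o", "BatchMode=yes", f"root@{host}", cmd],
                              capture_output=True, check=False)
        return proc.stdout
    return run


def bundle_id_from_metadata(raw: bytes) -> Optional[str]:
    """Bundle id recorded in a container metadata plist; None if absent or unreadable."""
    if not raw:
        return None
    try:
        return plistlib.loads(raw).get("MCMMetadataIdentifier")
    except Exception:  # not a plist at all, or its root object is not a dict
        return None


def find_ios_data_container(bundle_id: str,
                            run_remote: Callable[[str], bytes]) -> Optional[str]:
    """Slide 24 in code: list the data containers newest-first and confirm the
    target by reading each one's metadata, so a look-alike app is never pulled."""
    listing = run_remote(f"ls -t {IOS_DATA_CONTAINERS}").decode(errors="replace").split()
    for name in listing:
        container = f"{IOS_DATA_CONTAINERS}/{name}"
        meta = run_remote(f"cat {container}/{IOS_CONTAINER_METADATA}")
        if bundle_id_from_metadata(meta) == bundle_id:
            return container
    return None


def scp_command(host: str, container: str, dest: str) -> List[str]:
    """argv for the slide 25 copy: scp -r root@<host>:<container> <dest>/ios."""
    return ["scp", "-r", f"root@{host}:{container}", f"{dest}/ios"]


def acquire(android_package: str, ios_bundle_id: str,
            ios_host: str, dest: str) -> List[List[str]]:
    """Run the acquisition against attached devices; returns the commands executed."""
    executed = []
    for argv in adb_pull_commands(android_package, dest):
        subprocess.run(argv, check=False)
        executed.append(argv)
    container = find_ios_data_container(ios_bundle_id, ssh_runner(ios_host))
    if container is not None:
        argv = scp_command(ios_host, container, dest)
        subprocess.run(argv, check=False)
        executed.append(argv)
    return executed


if __name__ == "__main__":
    # Placeholder package, bundle id and host: substitute your own before running.
    for argv in acquire("com.example.app", "com.example.app", "iphone", "./evidence"):
        print(" ".join(argv))
```

The container lookup takes the command runner as a parameter so the path logic can be exercised without a device attached; with a real device, ssh_runner(host) supplies it. Pulling both the private folder and the per-app external area mirrors the two starred storage locations on slide 16.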
  • 26. Step 3: Analyze app data
    App files recovered from the Any.do iOS app:
  • 27. Pointers to keep in mind during forensic analysis
    ● SQLite databases, plist, and XML files are common: find your favorite viewers
    ● When searching for data in large files, command-line tools are best: try grep
    ● Look for data stored as common hashes/encodings (base64, md5, sha256, etc.)
    ● iOS apps use the "Cache.db" file, which often contains large amounts of data
    ● Don't limit yourself: explore storage locations beyond those discussed today!
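The "Step 3: Analyze app data" slides and the pointers above describe the analysis pass without showing it. The Python script below is an added example for this deck, not NowSecure's tooling and not code from the slides. It triages a directory produced by "adb pull" or scp: files are typed by content (SQLite header, bplist header, XML) rather than by extension, SQLite tables are enumerated through a read-only connection, plist keys are listed, and every file is scanned grep-style, as slide 27 suggests, for base64 blobs that decode to readable text and for hex digests of md5/sha256 length. The private/ and external/ directory layout, the sample evidence (a constructed task database, preference plist and shared-preferences XML) and the location-based risk note are this example's assumptions, in the spirit of slide 13 rather than the deck's own scoring.

```python
"""Offline triage of a directory pulled from an app's data-at-rest locations.
Added example for this deck, not NowSecure's tooling or code from the slides.
The private/ and external/ layout, the constructed fixture and the risk
heuristic are assumptions of this example."""
import base64
import binascii
import plistlib
import re
import sqlite3
import tempfile
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"
HEX_DIGEST_RE = re.compile(
    rb"(?<![0-9a-fA-F])(?:[0-9a-fA-F]{32}|[0-9a-fA-F]{64})(?![0-9a-fA-F])")
BASE64_RE = re.compile(
    rb"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{20,}={0,2}(?![A-Za-z0-9+/=])")


def classify(data: bytes) -> str:
    """Identify a file by its leading bytes, never by its name."""
    if data.startswith(SQLITE_MAGIC):
        return "sqlite"
    if data.startswith(b"bplist00"):
        return "plist"
    head = data.lstrip()[:512]
    if head.startswith(b"<"):
        return "plist" if b"<plist" in head else "xml"
    return "other"


def sqlite_tables(path: Path) -> dict:
    """Table name -> row count; mode=ro so triage never modifies the evidence."""
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    try:
        names = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table'")]
        return {n: con.execute(f'SELECT COUNT(*) FROM "{n}"').fetchone()[0]
                for n in names}
    finally:
        con.close()


def plist_keys(data: bytes) -> list:
    """Top-level keys of a binary or XML plist (empty when the root is not a dict)."""
    obj = plistlib.loads(data)
    return sorted(obj) if isinstance(obj, dict) else []


def scan_encoded(data: bytes) -> dict:
    """One grep-style pass over raw bytes; works on XML, plists and SQLite pages alike."""
    digests = sorted({m.group(0).decode() for m in HEX_DIGEST_RE.finditer(data)})
    decoded = {}
    for m in BASE64_RE.finditer(data):
        token = m.group(0)
        if len(token) % 4 or HEX_DIGEST_RE.fullmatch(token):
            continue  # not a padded base64 length, or already reported as a digest
        try:
            text = base64.b64decode(token, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue
        if text.isprintable():
            decoded[token.decode()] = text
    return {"hex_digests": digests, "base64_text": decoded}


def risk_note(location: str, finding: dict) -> str:
    """Assumed heuristic after slide 13: the same secret ranks higher on shared
    storage than inside the private folder, which needs root or a backup to reach."""
    secret_like = bool(finding["base64_text"] or finding["hex_digests"])
    if secret_like and location == "external":
        return "high: recoverable from shared storage without root"
    if secret_like:
        return "medium: recoverable with root, backup or physical access"
    return "info: review contents manually"


def triage(root: Path) -> list:
    """Walk a pulled directory and return one finding per file."""
    findings = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        data, rel = path.read_bytes(), path.relative_to(root)
        kind = classify(data)
        finding = {"file": rel.as_posix(), "kind": kind,
                   "location": "external" if "external" in rel.parts else "private",
                   "tables": sqlite_tables(path) if kind == "sqlite" else {},
                   "plist_keys": plist_keys(data) if kind == "plist" else []}
        finding.update(scan_encoded(data))
        finding["risk"] = risk_note(finding["location"], finding)
        findings.append(finding)
    return findings


def build_sample_evidence() -> Path:
    """Constructed fixture standing in for a real adb pull / scp result."""
    root = Path(tempfile.mkdtemp(prefix="evidence-"))
    for sub in ("private/databases", "private/Library/Preferences", "external/cache"):
        (root / sub).mkdir(parents=True)
    con = sqlite3.connect(root / "private/databases/tasks.db")
    con.execute("CREATE TABLE tasks (id INTEGER PRIMARY KEY, title TEXT)")
    con.executemany("INSERT INTO tasks (title) VALUES (?)",
                    [("buy milk",), ("call dentist",)])
    con.commit()
    con.close()
    (root / "private/Library/Preferences/com.example.plist").write_bytes(plistlib.dumps(
        {"user": "katie", "pinHash": "00112233445566778899aabbccddeeff"},  # constructed
        fmt=plistlib.FMT_BINARY))
    token = base64.b64encode(b"session=abc123;user=katie").decode()  # constructed
    (root / "external/cache/session.xml").write_text(
        f'<?xml version="1.0" encoding="utf-8"?>\n'
        f'<map><string name="session">{token}</string></map>\n')
    return root
```

Running triage(build_sample_evidence()) yields three findings: the task database (info), the preference plist carrying a 32-hex value in the private folder (medium), and the shared-preferences XML on external storage whose base64 string decodes to a readable session value (high). Point triage() at the directory you pulled from a real device to get the same per-file summary; the raw-bytes scan is what lets the same grep-style check cover SQLite pages, plists and XML without a viewer for each.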
  • 28. Takeaways:
    ● Create a checklist and document your process
    ● Assign responsibility for the various test coverage areas
    ● Select the right tools to find/test for insecure data storage
    ● Look for data in common areas (but don't limit yourself)
    ● If data is found, determine its value and the risk
  • 29. Episode II: RETURN OF THE NETWORK/BACK-END
    Next Thursday, December 15, 1 p.m. CST / 11 a.m. PST
    REGISTER NOW: http://bit.ly/2g7ZRXd
  • 30. Let's talk
    NowSecure: +1 312.878.1100
    @NowSecureMobile
    www.nowsecure.com
    Subscribe to #MobSec5, a digest of the week's mobile news that matters: http://mobsec5.nowsecure.com/