Automated Mobile Application Security Assessment with MobSF

This course introduces Mobile Security Framework (MobSF) which automates your Mobile Application Security Assessments.
3.7 (39 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
374 students enrolled
$19
$45
58% off
Take This Course
  • Lectures 22
  • Length 1 hour
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 10/2015 English

Course Description

Mobile Application market is growing like anything and so is the Mobile Security industry. With lots of frequent application releases and updates happening, conducting the complete security analysis of mobile applications becomes time consuming and cumbersome mainly because of the overheads in setting up and maintaining a mobile application testing environment. This course will introduce an extendable, and scalable web framework called Mobile Security Framework (MobSF) for Automated Security analysis of Mobile Applications. Mobile Security Framework is an intelligent and automated open source mobile application (Android/iOS) pentesting and binary/code analysis framework capable of performing static and dynamic analysis. It supports Android and iOS binaries as well as zipped source code. This course will teach the attendee on how to configure and run MobSF. In addition to that, the instructor will discuss various real world use cases with MobSF like Android Malware analysis and uncovering vulnerabilities in few Android applications that are present in Google playstore.

Features of this course

  • Getting Familiar with an Open Source framework for Automated Mobile Security Assessment.
  • Learn about One Click Report Generation and Security Assessment.
  • Learn how to deploy MobSF at your own environment so that you have complete control of the data. The data/report stays within the organisation and nothing is stored in the cloud.
  • Perform Automated Security Assessment for both Android and iOS Applications.
  • Learn about the semi Automatic Dynamic Analyzer for intelligent application logic based (whitebox) security assessments.

What are the requirements?

  • Basic Usage of Linux/Windows/Mac
  • Comfortable with Terminal Like Interface

What am I going to get from this course?

  • Learn how to perform Automated Security Assessment of Mobile Applications.
  • Learn how to configure and run Mobile Security Framework
  • Perform Automated Static and Dynamic Analysis of Mobile Applications with MobSF

What is the target audience?

  • This course is for Application Security Professionals interested in Mobile Application Security
  • If you are trying to automate the cumbersome process of Mobile Application Security Assessment; Don't hesitate, this is for you.
  • If you want to learn Mobile Application Security, this course is probably not for you.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Introduction to Mobile Security Framework - MobSF
Introduction
Preview
02:49
Getting Mobile Security Framework
Preview
01:03
What makes Mobile Security Framework Unique
Preview
01:09
Basic Requirements to Run MobSF
Preview
00:54
Section 2: Performing Static Analysis with MobSF
Overview: Static Analysis
Preview
00:27
Configuring MobSF for Static Analysis
Preview
05:28
Static Analysis in Android Binaries and Source Code
01:12
Performing Static Analysis on Android Binaries
03:29
Performing Static Analysis on Android Source Code
01:53
Static Analysis in iOS Binaries and Source Code
00:46
Performing Static Analysis on iOS Binaries
00:52
Performing Static Analysis on iOS Source Code
01:26
Section 3: Performing Dynamic Analysis with MobSF
Overview: Dynamic Analyzer
01:57
Dynamic Analysis in Android Binaries
00:53
Configuring MobSF for Dynamic Analysis of Android Binaries
09:42
Performing Dynamic Analysis of Android Binaries with MobSF
03:36
Section 4: Case Studies
Android Malware Analysis
02:12
AppLock MITM Password Reset Vulnerability
03:39
Exploiting AppLock Vulnerability
03:24
Bypassing Pin in Whisper Android Application
01:57
Exploiting Whisper App Vulnerability
01:14
Section 5: Slides
Course Slides
23 pages

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Ajin Abraham, Security Researcher

Ajin Abraham is an Application Security Engineer by profession having 5+ years of experience in Application Security including 2 years of Security Research. He is passionate on developing new and unique security tools than depending on pre existing tools that never work. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner, NodeJsScan etc to name a few.

He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.


Ready to start learning?
Take This Course