Using Memory, Filesystems And Runtime To App Pen iOS And Android

Presented at DeepSec 2013 „Secrets, Failures, and Visions“, Unknown date/time (Unknown duration)

The whitehat presenter will unlock some of the mysteries of the iDevice and Android-device memory intrinsics, filesystem/process sandboxes, and the OO runtime by walking through the techniques, including common obfuscations. The ethical attendee will learn how to take any popular, off-the-shelf mobile device (including ones that claim encrypted memory/flash) and transform it into a powerful tool that can be used to understand what risks can happen to the user/owner of that device.

Presenters:

  • Andre Gironda
    Andre Gironda is an app pen-tester. He has been banging up iOS and Android apps for the Fortune 10 and their partners, along with Web Services and some webapps, using full-scope software security assessments for 2 years at HP after 4 years of freelance pen-testing and reverse engineering. He is a strong believer in the power of the individual to learn, unlearn, and re-learn code alongside debugging, hooking, and tracing techniques.

Links:

Similar Presentations: