Mobile apps often protect themselves via internally developed controls and commercial products. Learn about how some controls work and how to sidestep them.
Mobile application security isn’t always super exciting or challenging. But when it comes to application hardening, things get more interesting. These days, some types of applications go out of their way to defend themselves at runtime, including:
Such applications often attempt to protect themselves via internally developed controls, as well as commercial products.
During this talk, we’ll look at some of the typical controls that Android/iOS applications exhibit, how they work, how to spot them, and how to sidestep them. We’ll demonstrate analysis and techniques using free open source tooling such as Radare and Frida, and for some parts, we’ll use IDA Pro. And since “automation” is the buzzword of the year, we’ll discuss how to automate some of these activities, which typically take up most of the assessment window.
When: Available on demand
Who: Grant Douglas, security consultant, Synopsys; Nikola Cucakovic, senior security consultant, Synopsys