Mobile Device Exploitation Cookbook

Over 40 recipes to master mobile device penetration testing with open source tools
Preview in Mapt

Mobile Device Exploitation Cookbook

Prashant Verma, Akshay Dixit

1 customer reviews
Over 40 recipes to master mobile device penetration testing with open source tools
Mapt Subscription
FREE
$29.99/m after trial
eBook
$22.40
RRP $31.99
Save 29%
Print + eBook
$39.99
RRP $39.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$22.40
$39.99
$29.99p/m after trial
RRP $31.99
RRP $39.99
Subscription
eBook
Print + eBook
Start 30 Day Trial

Frequently bought together


Mobile Device Exploitation Cookbook Book Cover
Mobile Device Exploitation Cookbook
$ 31.99
$ 22.40
Citrix® XenMobile™ Mobile Device Management Book Cover
Citrix® XenMobile™ Mobile Device Management
$ 20.99
$ 14.70
Buy 2 for $32.20
Save $20.78
Add to Cart
Subscribe and access every Packt eBook & Video.
 
  • 5,000+ eBooks & Videos
  • 50+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 

Book Details

ISBN 139781783558728
Paperback230 pages

Book Description

Mobile attacks are on the rise. We are adapting ourselves to new and improved smartphones, gadgets, and their accessories, and with this network of smart things, come bigger risks. Threat exposure increases and the possibility of data losses increase. Exploitations of mobile devices are significant sources of such attacks.

Mobile devices come with different platforms, such as Android and iOS. Each platform has its own feature-set, programming language, and a different set of tools. This means that each platform has different exploitation tricks, different malware, and requires a unique approach in regards to forensics or penetration testing. Device exploitation is a broad subject which is widely discussed, equally explored by both Whitehats and Blackhats.

This cookbook recipes take you through a wide variety of exploitation techniques across popular mobile platforms. The journey starts with an introduction to basic exploits on mobile platforms and reverse engineering for Android and iOS platforms. Setup and use Android and iOS SDKs and the Pentesting environment. Understand more about basic malware attacks and learn how the malware are coded. Further, perform security testing of Android and iOS applications and audit mobile applications via static and dynamic analysis.

Moving further, you'll get introduced to mobile device forensics. Attack mobile application traffic and overcome SSL, before moving on to penetration testing and exploitation.

The book concludes with the basics of platforms and exploit tricks on BlackBerry and Windows Phone. By the end of the book, you will be able to use variety of exploitation techniques across popular mobile platforms with stress on Android and iOS.

Table of Contents

Chapter 1: Introduction to Mobile Security
Introduction
Installing and configuring Android SDK and ADB
Creating a simple Android app and running it in an emulator
Analyzing the Android permission model using ADB
Bypassing Android lock screen protection
Setting up the iOS development environment - Xcode and iOS simulator
Creating a simple iOS app and running it in the simulator
Setting up the Android pentesting environment
Setting up the iOS pentesting environment
Introduction to rooting and jailbreaking
Chapter 2: Mobile Malware-Based Attacks
Introduction
Analyzing an Android malware sample
Using Androguard for malware analysis
Writing custom malware for Android from scratch
Permission model bypassing in Android
Reverse engineering iOS applications
Analyzing malware in the iOS environment
Chapter 3: Auditing Mobile Applications
Introduction
Auditing Android apps using static analysis
Auditing Android apps a using a dynamic analyzer
Using Drozer to find vulnerabilities in Android applications
Auditing iOS application using static analysis
Auditing iOS application using a dynamic analyzer
Examining iOS App Data storage and Keychain security vulnerabilities
Finding vulnerabilities in WAP-based mobile apps
Finding client-side injection
Insecure encryption in mobile apps
Discovering data leakage sources
Other application-based attacks in mobile devices
Launching intent injection in Android
Chapter 4: Attacking Mobile Application Traffic
Introduction
Setting up the wireless pentesting lab for mobile devices
Configuring traffic interception with Android
Intercepting traffic using Burp Suite and Wireshark
Using MITM proxy to modify and attack
Configuring traffic interception with iOS
Analyzing traffic and extracting sensitive information from iOS App traffic
WebKit attacks on mobile applications
Performing SSL traffic interception by certificate manipulation
Using a mobile configuration profile to set up a VPN and intercept traffic in iOS devices
Bypassing SSL certificate validation in Android and iOS
Chapter 5: Working with Other Platforms
Introduction
Setting up the Blackberry development environment and simulator
Setting up the Blackberry pentesting environment
Setting up the Windows phone development environment and simulator
Setting up the Windows phone pentesting environment
Configuring traffic interception settings for Blackberry phones
Stealing data from Windows phones applications
Stealing data from Blackberry applications
Reading local data in Windows phone
NFC-based attacks

What You Will Learn

  • Install and configure Android SDK and ADB
  • Analyze Android Permission Model using ADB and bypass Android Lock Screen Protection
  • Set up the iOS Development Environment - Xcode and iOS Simulator
  • Create a Simple Android app and iOS app and run it in Emulator and Simulator respectively
  • Set up the Android and iOS Pentesting Environment
  • Explore mobile malware, reverse engineering, and code your own malware
  • Audit Android and iOS apps using static and dynamic analysis
  • Examine iOS App Data storage and Keychain security vulnerabilities
  • Set up the Wireless Pentesting Lab for Mobile Devices
  • Configure traffic interception with Android and intercept Traffic using Burp Suite and Wireshark
  • Attack mobile applications by playing around with traffic and SSL certificates
  • Set up the Blackberry and Windows Phone Development Environment and Simulator
  • Setting up the Blackberry and Windows Phone Pentesting Environment
  • Steal data from Blackberry and Windows phones applications

Authors

Table of Contents

Chapter 1: Introduction to Mobile Security
Introduction
Installing and configuring Android SDK and ADB
Creating a simple Android app and running it in an emulator
Analyzing the Android permission model using ADB
Bypassing Android lock screen protection
Setting up the iOS development environment - Xcode and iOS simulator
Creating a simple iOS app and running it in the simulator
Setting up the Android pentesting environment
Setting up the iOS pentesting environment
Introduction to rooting and jailbreaking
Chapter 2: Mobile Malware-Based Attacks
Introduction
Analyzing an Android malware sample
Using Androguard for malware analysis
Writing custom malware for Android from scratch
Permission model bypassing in Android
Reverse engineering iOS applications
Analyzing malware in the iOS environment
Chapter 3: Auditing Mobile Applications
Introduction
Auditing Android apps using static analysis
Auditing Android apps a using a dynamic analyzer
Using Drozer to find vulnerabilities in Android applications
Auditing iOS application using static analysis
Auditing iOS application using a dynamic analyzer
Examining iOS App Data storage and Keychain security vulnerabilities
Finding vulnerabilities in WAP-based mobile apps
Finding client-side injection
Insecure encryption in mobile apps
Discovering data leakage sources
Other application-based attacks in mobile devices
Launching intent injection in Android
Chapter 4: Attacking Mobile Application Traffic
Introduction
Setting up the wireless pentesting lab for mobile devices
Configuring traffic interception with Android
Intercepting traffic using Burp Suite and Wireshark
Using MITM proxy to modify and attack
Configuring traffic interception with iOS
Analyzing traffic and extracting sensitive information from iOS App traffic
WebKit attacks on mobile applications
Performing SSL traffic interception by certificate manipulation
Using a mobile configuration profile to set up a VPN and intercept traffic in iOS devices
Bypassing SSL certificate validation in Android and iOS
Chapter 5: Working with Other Platforms
Introduction
Setting up the Blackberry development environment and simulator
Setting up the Blackberry pentesting environment
Setting up the Windows phone development environment and simulator
Setting up the Windows phone pentesting environment
Configuring traffic interception settings for Blackberry phones
Stealing data from Windows phones applications
Stealing data from Blackberry applications
Reading local data in Windows phone
NFC-based attacks

Book Details

ISBN 139781783558728
Paperback230 pages
Read More
From 1 reviews

Read More Reviews

Recommended for You

Python Machine Learning Book Cover
Python Machine Learning
$ 35.99
$ 25.20
Delphi Cookbook Book Cover
Delphi Cookbook
$ 26.99
$ 18.90
Learning Android Game Development Book Cover
Learning Android Game Development
$ 27.99
$ 19.60
Kali Linux Network Scanning Cookbook Book Cover
Kali Linux Network Scanning Cookbook
$ 30.99
$ 21.70
Practical Mobile Forensics Book Cover
Practical Mobile Forensics
$ 35.99
$ 25.20
Web Penetration Testing with Kali Linux Book Cover
Web Penetration Testing with Kali Linux
$ 29.99
$ 21.00