Security of mobile apps: vulnerability assessment and penetration testing

by Alessandro Armando, Alessio Merlo, Luca Verderame

1) Introduction to the Mobile Ecosystem  (0,5h)

2) Basics of Android OS and apps (1h)

3) The Android Security Framework (0,5h)

3) Understanding real vulnerabilities in the OS and in the apps (1h)

4) Methodologies for VA/PT on Mobile (OWASP Mobile Testing Guide, SAST, DAST) (1h)

5) Practicals: detecting and evaluating vulnerabilities in real-world apps using real SAST/DAST tools (2h)