Recent enhancements to the Frida open-source dynamic instrumentation toolkit greatly ease the process of conducting jailed testing. You no longer have to manually package the Frida Gadget in your target app. As long as the app is debuggable, Frida does that for you. This post will walk you through the process of using Frida on a jailed device.
Many people have heard about mobile man-in-the-middle (MiTM) attacks but aren’t sure just exactly what they are or how they happen. Learn more including the development and security issues that can leave apps vulnerable to MiTM attacks, tips for testing and the layers of network defense that can help you avoid these issues.
Let’s say a mobile app pen test costs $5,000 in house or $15,000 to $25,000 to outsource. Did you know that an automated mobile app security testing tool costs $10,000 per app per year and can be used for unlimited testing of each and every build? For at least 30% less than the cost of a single penetration test, organizations can employ an automated testing platform that lets them test every build of a mobile app, every day of the year.
In early September, radare2 users and developers from around the globe gathered in Barcelona for r2con, an annual conference celebrating the r2 multi-platform, open-source, reverse engineering framework supported by NowSecure. Around 200 attendees enjoyed four days of hacking, teaching, discussing, coding, socializing and having fun.
We frequently hear the same myths about mobile application security testing ranging from the notion that mobile apps are safe because Apple and Google test them to the notion that testing mobile apps is the same as testing web apps. These beliefs put organizations at risk of using and publishing mobile apps that are inherently insecure.
Discover what the top three misperceptions are and how to counter them.
Because NowSecure was founded as a mobile application forensics company a decade ago, penetration testing is built into our DNA. We’ve tested thousands of Android and iOS apps on behalf of our customers, uncovered some scary vulnerabilities and helped customers improve the security of their mobile apps. The following is the third installment of an