Santoku Linux is a F/OSS distro dedicated to mobile forensics, security and malware analysis. This talk will introduce Santoku Linux and demonstrate how easily attendees can install and update the OS and quickly move into analysis of both iOS and Android devices, apps and malware. Specific analysis tools and their benefits will be addressed and one or more demonstrated.

View Presentation >

Cycript is a javaskript interpreter which also understands Objective-C syntax. The goal will be to introduce it and show the attendees how they can hook into a running iOS app, read its internal workings and modify its behavior. Will explain how such runtime manipulation can be used to circumvent security, and ultimately help the developer secure the app from external attackers.

View Presentation >

Ever wondered what this black magic that hackers and security analysts use to reverse engineer apps? This presentation aims to quash the rumors that you need a Ph.D. in hacking to take apart a mobile app and learn its secrets. We’ll show how to extract an Android application from the phone, and use common and simple utilities to inspect it.

View Presentation >

The large mobile attack surface can be seen as a hostile environment. This presentation will focus on hardening where the critical organization data often resides-in the app. Come learn specific techniques attackers may use on every day app vulnerabilities, and how to best protect apps against those attacks.

View Presentation >

viaForensics Mobile Researcher Marco Grassi presented at DroidCon IT 2014 in Torino, Italy on February 6, 2014. His presentation, titled “Reverse Engineering, Pentesting, and Hardening of Android Apps” gave real-world examples of what to do (and not do) in Android application development.

View Presentation >

viaForensics researcher Andrey Belenko analyzes the security of iCloud Keychain, one of the key features of iOS 7.

View Presentation >