h4cker/mobile_security/README.md

32 lines
2.1 KiB
Markdown
Raw Permalink Normal View History

2017-10-22 19:44:00 +00:00
# Mobile Device Security
The following are several of the resources covered in the [Art of Hacking Series LiveLessons](https://theartofhacking.org), [Safari Live Training](https://www.safaribooksonline.com/search/?query=ethical%20hacking%20omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=live%20online%20training&sort=relevance), and [penetration testing books authored by Omar Santos](https://omarsantos.io).
2017-10-22 19:44:00 +00:00
## OWASP Resources
- [OWASP Mobile Security Project](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Home)
- [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Risks)
- [OWASP Mobile Security Testing Guide](https://b-mueller.gitbooks.io/the-owasp-mobile-security-testing-guide/content)
- [OWASP Mobile Application Security Verification Standard (MASVS)](https://www.owasp.org/images/6/61/MASVS_v0.9.4.pdf)
- [OWASP MThreat Model Project](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Threat_Model_Project)
2017-10-22 19:44:00 +00:00
## Android
- [Android Developer Studio](http://developer.android.com/sdk/index.html)
- [APKtool](http://ibotpeaches.github.io/Apktool/)
- [dex2jar](https://github.com/pxb1988/dex2jar)
- [Bytecode Viewer](https://bytecodeviewer.com/)
- [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
- [Android Reverse Engineering Arsenals](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Tools)
2017-10-22 19:44:00 +00:00
2017-10-22 20:44:28 +00:00
2017-10-22 20:45:32 +00:00
### Dex2jar and JD-GUI
Dex2jar and JD-GUI are two different tools that are often used for reverse engineering Android apps. Dex2jar converts .dex files to .jar. JD-GUI is a Java decompiler that can decompile .jar files to the original Java source.
* http://sourceforge.net/projects/dex2jar/
* http://jd.benow.ca
2017-10-22 19:44:00 +00:00
## Apple iOS
- [Damn Vulnerable iOS Application (DVIA)](https://www.owasp.org/index.php/OWASP_DVIA)
- [DVIA Github Source](https://github.com/prateek147/DVIA)
- [DVIA Learning Resources](http://damnvulnerableiosapp.com/#learn)