Practical Android Security - Dario Incalza скачать в хорошем качестве

Practical Android Security - Dario Incalza

In this session we will cover different attack techniques on Android applications followed by common best practices to protect against these attacks. We start with an introduction to the Android platform stack, Android application and attack surfaces. We introduce several reverse engineering concepts and how they apply to Android applications. We look into how bad cryptography implementations in Android can be attacked. Afterwards we show how to securely store sensitive user data on Android. Furthermore, we will show some hacking techniques that are used to dynamically attack an Android application. Immediately afterwards we show how to use certain techniques to evaluate the execution environment of the application. We conclude by showing how easy it is to perform a Man-in-the-Middle attack on an Android application and how you can implement a secure SSL pinning strategy in your application. Attendees walk away with tools and howtos on hacking their own applications, common best practices to safely store user data, protect application communications and dynamic application protection techniques. Dario Incalza is a mobile security expert at ZIONSECURITY. He puts his passion for Android and security at good use by performing pen tests on mobile applications. He enjoys performing security assessments on architectural as well as implementation level. When he is not working for clients he enjoys travelling the world to speak at various conferences on mobile security. He likes contributing to the community through technical blogs and open source projects. He actively tweets at @h4oxer.