Syllabus
Security of Mobile Networks: Security for Wi-Fi, Telecom, Personal Area Networks, Near Field Communications – Bluetooth, NFC. Security of Mobile Applications: Payments, VoIP, Multimedia. Security of Mobile Platforms: Android, iOS, Windows Phone. Security of Mobile Services: WAP, Mobile HTML, SMS, Location – Android App development- Activities, Intents, Fragments, Data storage, Broadcast receivers and Content Providers, Services, Async Tasks, GPS and GoogleMaps, Sensors, Connecting WebAPIs, Emulator and ADB, APK Internals, Networking, Device Rooting, TCP/IP Attacks, TCP/IP Attacks Using Android, DAC and MAC Permissions, Android Internals, Framework, Init, Zygote, Binder, Service Manager, Activity Manager, TEE, Reverse Engineering- Apktool, Ghidra, Jadx, code review, Static and Dynamic analysis, runtime instrumentation and smali patching, Native Library Exploitation, OWASP, Security Assessment with Drozer and Burpsuite, Some of the attacks and Vulnerabilities in real world android apps (A case study) – XSS, Strandhogg, Code Injection -Overlay Attacks, Insecure Deep links, Malware Analysis, Bouncer, Privacy Violation, System Call Hardening, ASLR, ROP, Framework Exploits. iOS application and app store, decrypting iOS app, iOS app analysis.