Advanced Android & iOS Hands-on Exploitation Training at Toorcon San Diego
I'm Aditya from Attify. I'm glad to announce that, I'll be running a
2-day class on Android,
iOS and ARM Hands-on Exploitation at Toorcon 2014 in San Diego this
October. The training will focus on a hands-on approach to find vulns
and exploit them on mobile applications as well as the platform as
All the exercises will be performed on a customised Mobile
Exploitation training distro and on a set of vulnerable labs built for
Toorcon class. The labs
contains of over 25+ challenges over a span of 2 days along with 2
final CTF competition.
The goal of the class is to take the students from a ground level to
upwards of you being able to find and exploit vulnerabilities in any real world
application. Some of the topics that will be covered are :
[+] Internals of Android and iOS Security architecture
[+] Finding application based vulnerabilities
[+] OWASP Mobile Top 10 and lesser known vulns
[+] Exploiting Platform based weaknesses
[+] Assessing security of native apps
[+] Breaking obfuscation for mobile apps
[+] Security weaknesses in BYOD/MDM solutions
[+] Dex and Smali Labs for Android
[+] ARM Exploitation on Real world scenarios
Attendees will also be receiving :
[+] 3 months free access to online labs for mobile exploitation
[+] Reference materials for mobile exploitation
[+] Mobile Application Security Checklist for developers & security
[+] Winners of CTF will also receive author signed copy of "Learning
Pentesting for Android Devices"
I've been running a previous version of this class for the past two
years at Toorcon, receiving amazing feedback from the students. Apart
from Toorcon, a modified
early version of this training has also been conducted at BlackHat,
Syscan, OWASP AppSec, Brucon, HackInParis etc.
There are limited number of seats which usually fill out quite fast.
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.