iOS

Trainings 2020 - Schedule

First of all, we would like to wish you a happy new year 2020! Wishing you all the best. We have some exciting news regarding our training schedule for this year. Our Mobile Hacking course will be delivered in 3 different infosec conferences! If you want to have a preview of the covered subjects, we are going to tweet #mobile #hacking #tips in February. BSides Budapest - Workshop - March 26 Coming back to BSides Budapest in order to deliver not one but two workshops!

Continue reading

[Training/Conference] DeepSec 2019

Training During the DeepSec event, we gave our Mobile Hacking training (this training was also provided at Hack In Paris). This training presented the toolset needed when assessing mobile applications (such as adb, Apktool, Jadx, Androguard, Cycript, Frida, Needle and MobSF) and, also, the techniques to help you to work faster and in a more efficient way in the mobile ecosystem. This 2-days training focused on Android and iOS applications.

Continue reading

[PUBLICATION] Éprouver la sécurité des applications mobiles

Guillaume et moi-même avons écrit trois articles sur la sécurité des applications mobiles (tout le dossier en fait ;), qui ont été publiés dans le magazine MISC106 de novembre/décembre : Contournement de l’API Google Play Billing (for fun and profit ;) Auditer la sécurité d’une application iOS (avec et sans jailbreak) Présentation du Mobile Security Testing Guide de l’OWASP (devenu LA référence dans le domaine) Comme à notre habitude nous aurions aimé opter pour une licence CC dans le but de mettre les articles à disposition au plus grand nombre dès l’expiration des droits d’auteur, mais cela n’a été possible que pour un seul des trois articles.

Continue reading

[Training/Conference] DeepSec 2019 - Mobile Hacking / Abusing Google Play Billing

RandoriSec is going back to DeepSec (Vienna, Austria) this year. Guillaume Lopes will give a talk about abusing the Google Play Billing API and he’ll give a training with Davy Douhine. The Mobile Hacking training, running the 27 and 28 November, is intended for penetration testers, bug bounty researchers or just curious who would like to improve their security testing skills applied to the mobile ecosystem. The objective of the course is to introduce the basic toolset (Adb, Apktool, Jadx, Cycript, Drozer, Frida, Hopper, Needle, etc.

Continue reading

[Training/Conference] Hack In Paris 2019

RandoriSec was at Hack In Paris 2019 and it was wonderful! This 9th edition took place at Maison de la Chimie in Paris (of course;)). The event was divided in two parts: June 16th to 18th: 3 days of trainings with 13 different subjects (IoT, ICS, Windows exploitation, Web and mobile hacking, etc.) June 19th to 20th: 2 days of talks with a unique track.

Continue reading

[Training/Conference] HIP – Mobile Hacking Training (17/18 June)

Guillaume Lopes (@Guillaume_Lopes) and Davy Douhine (@ddouhine), senior pentesters, will share many techniques, tips and tricks to deliver to pentesters, bug bounty researchers or just curious a 100% hands-on 2 days mobile training. Goal is to introduce tools (Adb, Apktool, Jadx, Cycript, Frida, Hopper, Needle, etc.) and techniques to help you to work faster and in a more efficient way in the mobile (Android and iOS) ecosystem. This is the exact training that you would have liked to have before wasting your precious time trying and failing while testing.

Continue reading

[Training/Conférence] Hackfest 2018 - iOS Mobile Application Hacking

Nous sommes très heureux d’annoncer que la formation “iOS Mobile Application Hacking” sera donnée en français à Québec au Canada pour la 10e édition de la conférence Hackfest ! La conférence, qui est le plus grand événement de hacking au Canada et réunit plus de 900 passionnés de sécurité informatique, aura lieu les 2 et le 3 novembre 2018 et sera précédé de 3 jours dédiés aux formations. RandoriSec aura le plaisir d’animer la formation “iOS Mobile Application Hacking” pour la première fois lors d’une conférence.

Continue reading

[Training] iOS Mobile Application Hacking

L’offre de formation de RandoriSec est enrichie d’un nouveau module de 2j pour apprendre à auditer la sécurité des applications mobiles iOS. Descriptif : L’objectif de cette formation est de transmettre les méthodes d’attaques visant les applications iOS ainsi que les recommandations permettant de contrer ou tout du moins ralentir ces attaques. Elle s’appuie sur la méthodologie MSTG (Mobile Security Testing Guide) de l’OWASP (Open Web Application Security Project) et l’outil open-source Needle.

Continue reading