Given that the application binaries for Android and iOS have been obtained, we can perform further analysis using automated techniques. A great open source Python tool that can be leveraged for both Android and iOS is the Mobile Security Framework (MobSF). There are several features and capabilities MobSF can automate for us, particularly for Android apps. This recipe will demonstrate MobSF's automated static analysis features for both Android and iOS. Static analysis typically requires access to source code, however, decompiling Android and iOS applications can give us a form of pseudocode close to the original source.
- Preface
- IoT Penetration Testing
- Introduction
- Defining the IoT ecosystem and penetration testing life cycle
- Firmware 101
- Web applications in IoT
- Mobile applications in IoT
- Device basics
- Introduction to IoT's wireless communications
- Setting up an IoT pen testing lab
- Software tool requirements
- Firmware software tools
- Web application software tools
- Mobile application software tools
- Radio analysis tool requirements
- Radio analysis hardware
- Radio analysis software
- IoT Threat Modeling
- Analyzing and Exploiting Firmware
- Exploitation of Embedded Web Applications
- Exploiting IoT Mobile Applications
- IoT Device Hacking
- Radio Hacking
- Firmware Security Best Practices
- Mobile Security Best Practices
- Securing Hardware
- Advanced IoT Exploitation and Security Automation
- Software tool requirements
Using MobSF for static analysis
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.