[prev in list] [next in list] [prev in thread] [next in thread]
List: websecurity
Subject: [WEB SECURITY] Tool: ExploitMe Mobile vulnerable Android and iPhone
From: Oliver Ng <oliverng () securitycompass ! com>
Date: 2011-10-25 8:54:45
Message-ID: 845BAFF5C2833649984ACE096763B9124B682A9294 () AUSP01VMBX05 ! collaborationhost ! net
[Download RAW message or body]
Hi Everyone,
We've just released ExploitMe Mobile, an vulnerable Mobile Application with Labs. \
It's an open source project and we have released versions for both iPhone and \
Android.
The application contains both mobile web and mobile programming defects and we've \
outlined a set of labs and solutions online to guide you. This tool will help both \
mobile QA and mobile web developers to learn the kinds of weaknesses that exist in \
the mobile app space.
We hope you find the mobile application useful, and hope that if you like it you'll \
help contribute by adding more vulnerabilities and exercises.
What you're able to learn using ExploitMe Mobile:
- Parameter manipulation of traffic
- Insecure communications
- Weak password lock screens
- Insecure memory management
- Weak file system permissions
- Insecure storage of files
- Insecure logging of information
You can find the full blog overview here with source code links:
http://labs.securitycompass.com/tools/new-mobile-security-course-and-exploitme-mobile/
ExploitMe Android Lab setup and walkthroughs:
http://securitycompass.github.com/AndroidLabs/
ExploitMe iPhone Lab setup and walkthroughs:
http://securitycompass.github.com/iPhoneLabs/
Cheers,
Oliver
Oliver Ng
Director of Training, Security Compass
email: oliver@securitycompass.com
direct : 1.888.777.2211 ext. 125
mobile: +852.9551.7067
twitter: @oliverseccom
linkedin: www.linkedin.com/in/oliverng
web: www.securitycompass.com/training
_______________________________________________
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic