[prev in list] [next in list] [prev in thread] [next in thread] 

List:       websecurity
Subject:    [WEB SECURITY] Tool: ExploitMe Mobile vulnerable Android and iPhone
From:       Oliver Ng <oliverng () securitycompass ! com>
Date:       2011-10-25 8:54:45
Message-ID: 845BAFF5C2833649984ACE096763B9124B682A9294 () AUSP01VMBX05 ! collaborationhost ! net
[Download RAW message or body]

Hi Everyone,

We've just released ExploitMe Mobile, an vulnerable Mobile Application with Labs.  \
It's an open source project and we have released versions for both iPhone and \
Android.

The application contains both mobile web and mobile programming defects and we've \
outlined a set of labs and solutions online to guide you.    This tool will help both \
mobile QA and mobile web developers to learn the kinds of weaknesses that exist in \
the mobile app space.

We hope you find the mobile application useful, and hope that if you like it you'll \
help contribute by adding more vulnerabilities and exercises.

What you're able to learn using ExploitMe Mobile:
-  Parameter manipulation of traffic
- Insecure communications
- Weak password lock screens
- Insecure memory management
- Weak file system permissions
- Insecure storage of files
- Insecure logging of information

You can find the full blog overview here with source code links:
http://labs.securitycompass.com/tools/new-mobile-security-course-and-exploitme-mobile/


ExploitMe Android Lab setup and walkthroughs:
http://securitycompass.github.com/AndroidLabs/

ExploitMe iPhone Lab setup and walkthroughs:
http://securitycompass.github.com/iPhoneLabs/


Cheers,

Oliver


Oliver Ng
Director of Training, Security Compass
email: oliver@securitycompass.com
direct : 1.888.777.2211 ext. 125
mobile: +852.9551.7067
twitter: @oliverseccom
linkedin: www.linkedin.com/in/oliverng
web: www.securitycompass.com/training


_______________________________________________
The Web Security Mailing List

WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss

Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter
http://twitter.com/wascupdates

websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic