TibaMe: Introduction to Ethical Hacking Practice and CEH Certification Course
Teacher: 林煌錡 (Alex Lin)

The class on 4/22 introduced wireless network hacking, mobile platform hacking, IoT hacking, cloud platform hacking, and cryptography. I separated the content into three parts. This note is about mobile platform hacking.

Part 2: Mobile Platform Hacking

🔸 OWASP Top 10 Mobile Threats

From OWASP: https://owasp.org/www-project-mobile-top-10/

I recommend that every iOS/Android app developer read both the OWASP Mobile Top 10 and the OWASP Mobile Application Security Testing Guide (MASTG).

🔸 iOS App

From OWASP MASTG: https://mas.owasp.org/MASTG/iOS/0x06a-Platform-Overview/#ios-application-attack-surface

🔸 Android App

From OWASP MASTG: https://mas.owasp.org/MASTG/Android/0x05a-Platform-Overview/#android-application-attack-surface

🔸 Tools

From OWASP MASTG: https://mas.owasp.org/MASTG/Tools/0x08a-Testing-Tools/

  • iOS
    From Teacher Alex’s PPT:

  • Android
    From Teacher Alex’s PPT:

🔸 Recommended Reading

👉 https://developer.android.com/topic/security/best-practices
👉 https://developer.apple.com/documentation/security

https://ithelp.ithome.com.tw/articles/10237144
https://en.wikipedia.org/wiki/Mobile_security