SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC575: iOS and Android Application Security Analysis and Penetration Testing
SEC575Offensive Operations
- 6 Days (Instructor-Led)
- 36 Hours (Self-Paced)
Course created by:
Jeroen Beckers
Course created by:Jeroen Beckers
- GIAC Mobile Device Security Analyst (GMOB)
- 36 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Intermediate Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 20 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Learn to comprehensively assess and test the security of iOS and Android devices and applications through hands-on analysis and penetration testing techniques.
Featured Quote
Very well organized, absolutely interesting and fun. Very effective way of getting passionate about as well as learning to analyze apps.
Course Overview
This intensive mobile pen test course equips security professionals with advanced skills to evaluate and test mobile device security across iOS and Android platforms. Through hands-on exercises using the Corellium platform, you'll learn to analyze applications, identify vulnerabilities, and conduct thorough penetration testing specific to mobile devices. The course covers everything from platform architecture and security controls to advanced dynamic analysis techniques and malware assessment. You'll gain practical experience with industry-standard tools and methodologies, including OWASP MASVS, while learning to effectively communicate risks to stakeholders. Whether you're assessing built-in features or third-party applications, you'll develop the expertise needed to protect your organization's mobile infrastructure.
What You’ll Learn
- Assess iOS and Android devices through Corellium's virtualized environment
- Perform static and dynamic analysis to identify mobile app vulnerabilities
- Bypass platform security controls and encryption mechanisms
- Execute penetration tests on mobile infrastructure and backends
- Analyze malware impact across Android and iOS platforms
- Apply OWASP MASVS standards to evaluate application security
- Communicate mobile security risks effectively to stakeholders
Meet Your Author
Jeroen Beckers
Certified InstructorJeroen’s co-authorship of OWASP's MSTG and MASVS standards, along with his pivotal role in the Cyber Security Challenge Belgium, has redefined mobile app security and inspired the next generation of cybersecurity talent.
Read more about Jeroen BeckersCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in SEC575: iOS and Android Application Security Analysis and Penetration Testing.
Section 1iOS
This section provides a comprehensive examination of iOS security architecture and penetration testing methodologies. Using Corellium's virtualized environment, students gain hands-on experience analyzing iOS security controls, application data storage, and inter-app communications. We also cover jailbreaking techniques and malware threat assessment.
Topics covered
- iOS security architecture & core controls
- Data protection & encryption mechanisms
- App sandbox implementation & limitations
- Jailbreak detection & bypass techniques
- File system structure & data recovery
Labs
- Configure and utilize the Corellium platform for iOS testing
- Implement jailbreaking techniques and essential security testing tools
- Analyze application data storage patterns and backup contents
- Examine inter-application communication vulnerabilities
- Assess iOS malware threats and attack patterns
Section 2Android
Section two delves into Android's open-source architecture and varied security landscape. Students learn Android's unique inter-app communication methods, including services, intents, and content providers. Participants gain experience with root access techniques, filesystem analysis, and malware investigation, including ransomware and banking trojans.
Topics covered
- Android security model fundamentals
- Runtime environments & app execution
- Root access methods & implications
- Storage encryption & data protection
- Intent-based app communication risks
Labs
- Set up Corellium for Android testing environments
- Implement root access through various techniques
- Analyze application data storage and backup systems
- Test inter-app communication security
- Examine Android malware samples and attack patterns
Section 3Static Application Analysis
This section focuses on evaluating mobile application risks through static analysis techniques. Students learn to use both automated and manual assessment tools for iOS and Android apps, progressing from simple to obfuscated applications. Special attention is given to analyzing various application frameworks and their specific security challenges.
Topics covered
- Mobile app reverse engineering tools
- Decompilation & code analysis methods
- Anti-debugging bypass techniques
- Framework-specific security concerns
- Code obfuscation countermeasures
Labs
- Decompile and analyze Android applications
- Bypass iOS application encryption
- Analyze obfuscated applications
- Evaluate applications built with common frameworks
- Implement automated analysis tools like MobSF
Section 4Dynamic Mobile Application Analysis and Manipulation
Building on static analysis skills, this section explores runtime application analysis and modification. Students learn to use advanced instrumentation frameworks for both Android and iOS, including Cycript, Frida, and Objection. The section concludes with implementing the OWASP MASVS standard for comprehensive security assessment.
Topics covered
- Runtime manipulation with Frida hooks
- Method swizzling attack vectors
- Secure storage implementation flaws
- Application integrity verification
- Dynamic analysis methodology
Labs
- Implement runtime manipulation techniques
- Use instrumentation frameworks for security testing
- Perform method hooking and swizzling
- Extract sensitive data from secure storage
- Apply MASVS standards in security assessments
Section 5Penetration Testing
The final technical section's topic focuses on comprehensive mobile penetration testing, including back-end server assessment and man-in-the-middle attacks. Students learn to bypass security controls, access locked devices, and create sophisticated Remote Access Trojans for red team engagements.
Topics covered
- MITM attack implementation methods
- Certificate pinning bypass techniques
- Device authentication weaknesses
- Remote access payload development
- Social engineering attack vectors
Labs
- Execute man-in-the-middle attacks against mobile traffic
- Bypass SSL pinning and transport security
- Test device lock mechanisms and biometric security
- Develop and deploy mobile RAT applications
- Implement mobile phishing attack scenarios
Section 6Hands-on Capture-the-Flag Event
This culminating section integrates all course concepts into a comprehensive practical challenge. Students analyze multiple applications and forensic images, identifying vulnerabilities and sensitive data exposure while applying real-world mobile security assessment techniques.
Things You Need To Know
Course Schedule & Pricing
Looking for Group Purchase Options?Contact Us
GIAC Certification Attempt
Add a GIAC certification attempt and receive free two practice tests. View pricing in the info icons below.
OnDemand Course Access
When purchasing a live instructor-led class, add an additional 4 months of online access after your course. View pricing in the info icons below.
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Virtual (OnDemand)
Instructed by Jeroen BeckersDate & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$8,780 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Amsterdam, NL & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse price€8,230 EUR*Prices exclude applicable local taxes - Location & instructor
Melbourne, VIC, AU & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse priceA$13,350 AUD*Prices exclude applicable local taxes - Location & instructor
Melbourne, VIC, AU & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse priceA$13,350 AUD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Las Vegas, NV, US & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse price$8,780 USD*Prices exclude applicable local taxes - Location & instructor
Orlando, FL, US & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse price$8,780 USD*Prices exclude applicable local taxes - Location & instructor
Singapore, SG & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse price$8,900 USD*Prices exclude applicable local taxes - Location & instructor
London, GB & Virtual (live)
Instructed by Jeroen BeckersDate & TimeFetching schedule..View event detailsCourse price£7,160 GBP*Prices exclude applicable taxes | EUR price available during checkout
Showing 8 of 8
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 2SEC575 is directly useful training - both to penetration testers and developers.
- Slide 2 of 2You think you know cybersecurity, then you take SANS SEC575 and - bam! - you realize there is so much more to learn!
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources