Mobile App Security Testing — Remote Authentication Exploit with iGoat
Goat

The video below demonstrates how to test a mobile application for remote authentication vulnerabilities. For this demonstration, I used a mobile application called iGoat. iGoat is designed for the iOS platform and functions as a learning tool for iOS developers. iGoat is a safe environment in which iOS developers can gain knowledge about the major […]

Read more
Mobile App Security Testing — iGoat Installation
Goat

The video below explains how to install and get iGoat up and running, so you can begin performing mobile application security testing. iGoat is designed for the iOS platform and functions as a learning tool for iOS developers. iGoat is a safe environment in which iOS developers can gain knowledge about the major security vulnerabilities […]

Read more
Building and Testing Secure Mobile Apps
Mobile Security

Mobile application development has been on the rise lately because of the convenience mobile apps have to offer. Despite the occurrence of security breaches performed on mobile devices recently, security testing is not as emphasized as other forms of quality testing measures such as user acceptance or functional testing. Just last year, hackers in China […]

Read more
How Do I Choose Mobile Devices for Testing?
Mobile App

One of the most challenging topics we discuss in our Mobile Application Testing training course is how to determine what devices to purchase for testing and how to get the widest device coverage for tests. When thinking through this there are several factors to consider: On what kinds of devices was my app designed to be used? […]

Read more
Compatibility For Mobile Web Apps

Introduction One major problem with writing a good mobile web app, is that it needs to run over ALL of the devices out there. While there a plenty of hacks to get your mobile site to only load/respond on certain device, it’s generally frowned upon, and not best practice. There are multiple ways to set […]

Read more
Diving Deeper into Mobile Penetration Testing Framework: AppUse

In the previous blog, I detailed a great starting point for mobile application testing— the AppUse framework—and highlighted its greatest pros and cons. This tool, created by AppSec-Labs, combines many additional tools to perform static and dynamic analysis of an application and the smartphone device that it runs. Remember, please only use the tools and […]

Read more
Easy Button for Testing of Mobile Devices and Apps: AppUse

Knowing where to start in the penetration testing world is very difficult and largely inconsistent. With so many options and tools available simply kicking off a scan of the network can require a considerable time investment. That is even truer in the relatively new world of mobile testing. Please only use the tools and methods discussed on systems that you […]

Read more
Mobile Trust: How to Test for It

Introduction With the surge of mobile applications being released, many developers and companies are finding it increasingly harder to standout from the rest. A great way to differentiate yourself, build a strong user base, and keep them happy with your product is through trust. As security and privacy come up more often the news, users […]

Read more
X