Penetration and Security Testing of Mobile Application is highly focused on security checks for your mobile apps. If you are develop mobile apps, then this penetration is what you should consider as basic for your mobile apps.
Our primary focus is at the application layer. While we take into consideration the underlying mobile platform and carrier inherent risks when threat modeling and building controls, we are targeting the areas that the average developer can make a difference.
Additionally, we focus not only on the mobile applications deployed to end user devices, but also on the broader server-side infrastructure which the mobile apps communicate with. We focus heavily on the integration between the mobile application, remote authentication services, and cloud platform-specific features.
Static methods:
Dynamic methods:
Network traffic analysis at different places in the network (at the device, gateway or in an own VPN)
Problems: Native apps do not use always device proxy settings; SSL encrypted connections;
Solutions: Special apps that force the usage of device proxy settings or which break SSL encrypted connections (mostly for jailbroken or rooted devices)
Possible by analyzing the communicating process for internal components
Call or manipulate specific functions
Read and write variable values •
Analysis file system changes during the runtime
Network traffic analysis reveals usage of HTTP and sending non-encrypted sensitive user data (session id, username and password). User authentication can be bypassed by runtime manipulation. File activity analysis shows that user credentials (username and password) are stored in and used from the OS keychain.
Forensic methods:
Analyze timestamps created from the file system. Timeline analysis shows that the app updates several files during its runtime.
Analyzing identified files and standard file types reveal that the user credentials are stored in plain text in the OS keychain.
