Cargando…
Mobile application penetration testing : explore real-world threat scenarios, attacks on mobile applications, and ways to counter them /
Explore real-world threat scenarios, attacks on mobile applications, and ways to counter themAbout This Book Gain insights into the current threat landscape of mobile applications in particular Explore the different options that are available on mobile platforms and prevent circumventions made by at...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt Publishing,
2016.
|
| Colección: | Community experience distilled.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_ocn945741125 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 160331s2016 enka o 001 0 eng d | ||
| 040 | |a UMI |b eng |e rda |e pn |c UMI |d IDEBK |d N$T |d OCLCF |d COO |d KSU |d DEBSZ |d DEBBG |d OCLCQ |d VT2 |d UOK |d CEF |d NLE |d UKMGB |d WYU |d AGLDB |d IGB |d RDF |d OCLCO |d OCLCQ |d INARC |d OCLCQ |d QGK | ||
| 015 | |a GBB6G3516 |2 bnb | ||
| 016 | 7 | |a 018010646 |2 Uk | |
| 019 | |a 1259119104 | ||
| 020 | |a 9781785888694 |q (electronic bk.) | ||
| 020 | |a 1785888692 |q (electronic bk.) | ||
| 020 | |a 1785883372 |q (Trade Paper) | ||
| 020 | |a 9781785883378 |q (Trade Paper) | ||
| 020 | |z 9781785883378 | ||
| 024 | 3 | |a 9781785883378 | |
| 029 | 1 | |a DEBBG |b BV043969113 | |
| 029 | 1 | |a DEBSZ |b 480367930 | |
| 029 | 1 | |a DEBSZ |b 485796279 | |
| 029 | 1 | |a GBVCP |b 882849131 | |
| 029 | 1 | |a UKMGB |b 018010646 | |
| 035 | |a (OCoLC)945741125 |z (OCoLC)1259119104 | ||
| 037 | |a CL0500000727 |b Safari Books Online | ||
| 050 | 4 | |a QA76.76.A65 |b V45 2016 | |
| 072 | 7 | |a COM051330 |2 bisacsh | |
| 082 | 0 | 4 | |a 005.1/4 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Velu, Vijay Kumar, |e author. | |
| 245 | 1 | 0 | |a Mobile application penetration testing : |b explore real-world threat scenarios, attacks on mobile applications, and ways to counter them / |c Vijay Kumar Velu. |
| 264 | 1 | |a Birmingham, UK : |b Packt Publishing, |c 2016. | |
| 300 | |a 1 online resource (1 volume) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 347 | |a text file | ||
| 490 | 1 | |a Community experience distilled | |
| 588 | 0 | |a Online resource; title from cover page (Safari, viewed March 30, 2016). | |
| 500 | |a Includes index. | ||
| 520 | 8 | |a Explore real-world threat scenarios, attacks on mobile applications, and ways to counter themAbout This Book Gain insights into the current threat landscape of mobile applications in particular Explore the different options that are available on mobile platforms and prevent circumventions made by attackers This is a step-by-step guide to setting up your own mobile penetration testing environmentWho This Book Is ForIf you are a mobile application evangelist, mobile application developer, information security practitioner, penetration tester on infrastructure web applications, an application security professional, or someone who wants to learn mobile application security as a career, then this book is for you. This book will provide you with all the skills you need to get started with Android and iOS pen-testing. What You Will Learn Gain an in-depth understanding of Android and iOS architecture and the latest changes Discover how to work with different tool suites to assess any application Develop different strategies and techniques to connect to a mobile device Create a foundation for mobile application security principles Grasp techniques to attack different components of an Android device and the different functionalities of an iOS device Get to know secure development strategies for both iOS and Android applications Gain an understanding of threat modeling mobile applications Get an in-depth understanding of both Android and iOS implementation vulnerabilities and how to provide counter-measures while developing a mobile appIn DetailMobile security has come a long way over the last few years. It has transitioned from "should it be done?" to "it must be done!"Alongside the growing number of devises and applications, there is also a growth in the volume of Personally identifiable information (PII), Financial Data, and much more. This data needs to be secured. This is why Pen-testing is so important to modern application developers. You need to know how to secure user data, and find vulnerabilities and loopholes in your application that might lead to security breaches. This book gives you the necessary skills to security test your mobile applications as a beginner, developer, or security practitioner. You'll start by discovering the internal components of an Android and an iOS application. Moving ahead, you'll understand the inter-process working of these applications. Then you'll set up a test environment for this application using various tools to identify the loopholes and vulnerabilities in the structure of the applications. Finally, after collecting all information about these security loop holes, we'll start securing our applications from these threats. Style and approachThis is an easy-to-follow guide full of hands-on examples of real-world attack simulations. Each topic is explained in context with respect to testing, and for the more inquisitive, there are more details on the concepts and techniques used for different platforms | |
| 505 | 0 | |a Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: The Mobile Application Security Landscape; The smartphone market share; The android operating system; The iPhone operating system (iOS); Different types of mobile applications; Native apps; Mobile web apps; Hybrid apps; Public Android and iOS vulnerabilities; Android vulnerabilities; iOS vulnerabilities; The key challenges in mobile application security; The impact of mobile application security; The need for mobile application penetration testing; Current market reaction | |
| 505 | 8 | |a The mobile application penetration testing methodologyDiscovery; Analysis/assessment; Exploitation; Reporting; The OWASP mobile security project; OWASP mobile top 10 risks; Vulnerable applications to practice; Summary; Chapter 2: Snooping Around the Architecture; The importance of architecture; The Android architecture; The Linux kernel; Confusion between Linux and the Linux kernel; Android runtime; The java virtual machine; The Dalvik virtual machine; Zygote; Core Java libraries; ART; Native libraries; The application framework; The applications layer; Native Android or system apps | |
| 505 | 8 | |a User-installed or custom appsThe Android software development kit; Android application packages (APK); Android application components; Intent; Activity; Services; Broadcast receivers; Content providers; Android Debug Bridge; Application sandboxing; Application signing; Secure inter-process communication; The Binder process; The Android permission model; The Android application build process; Android rooting; iOS architecture; Cocoa Touch; Media; Core services; Core OS; iOS SDK and Xcode; iOS application programming languages; Objective-C; The Objective-C runtime; Swift | |
| 505 | 8 | |a Understanding application statesApple's iOS security model; Device-level security; System-level security; An introduction to the secure boot chain; System software authorization; Secure Enclave; Data-level security; Data-protection classes; Keychain data protection; Changes in iOS 8 and 9; Network-level security; Application-level security; Application code signing; The iOS app sandbox; iOS isolation; Process isolation; Filesystem isolation; ASLR; Stack protection (non-executable stack and heap); Hardware-level security; iOS permissions; The iOS application structure; Jailbreaking | |
| 505 | 8 | |a Why jailbreak a device?Types of jailbreaks; Untethered jailbreaks; Tethered jailbreaks; Semi-tethered jailbreaks; Jailbreaking tools at a glance; The Mach-O binary file format; Inspecting a Mach-O binary; Property lists; Exploring the iOS filesystem; Summary; Chapter 3: Building a Test Environment; Mobile app penetration testing environment setup; Android Studio and SDK; The Android SDK; The Android Debug Bridge; Connecting to the device; Getting access to the device; Installing an application to the device; Extracting files from the device; Storing files to the device; Stopping the service | |
| 590 | |a eBooks on EBSCOhost |b EBSCO eBook Subscription Academic Collection - Worldwide | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Application software |x Testing. | |
| 650 | 0 | |a Penetration testing (Computer security) | |
| 650 | 6 | |a Tests d'intrusion. | |
| 650 | 7 | |a COMPUTERS |x Software Development & Engineering |x Quality Assurance & Testing. |2 bisacsh | |
| 650 | 7 | |a Application software |x Testing. |2 fast |0 (OCoLC)fst00811716 | |
| 650 | 7 | |a Penetration testing (Computer security) |2 fast |0 (OCoLC)fst01789566 | |
| 776 | 0 | 8 | |i Erscheint auch als: |n Druck-Ausgabe |
| 830 | 0 | |a Community experience distilled. | |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781785883378/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Internet Archive |b INAR |n mobileapplicatio0000velu | ||
| 938 | |a EBSCOhost |b EBSC |n 1200823 | ||
| 938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n cis34184241 | ||
| 994 | |a 92 |b IZTAP | ||