SlideShare a Scribd company logo

Outsmarting smartphones

Download as PPT, PDF
SensePost
SensePost

Presentation by Saurabh Harit att he mobile security summit in johannesburg 2011. This presentation is about security on the iPhone and Android platforms. The presentation begins with a discussion on decrypting iPhone apps and its implications. The Android security model is discussed. The presentation ends with a series of discussions on practical Android attacks.

TechnologyNews & Politics
1 of 33
[object Object],[object Object],O ut S marting SmartPhones
echo whoami ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why care??? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
I once had an iPhone...
iPhone Binary Format ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Reverse Engineering iPhone Apps
Decrypting iPhone Binary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Decrypting iPhone Binary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Decrypting iPhone Binary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
I have an Android phone... ...and I love it :-)
Android Architecture
Android Security Model ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
AndroidManifest.xml ,[object Object],[object Object],[object Object],[object Object],[object Object]
Activity ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Intents ,[object Object],[object Object],[object Object],[object Object],[object Object],Start an Activity
Broadcast Receiver ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Service ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Understanding Android App
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
APK File Format ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Decompiling Android Apps
Analyzing HTTP Traffic
Bypassing Lock Pattern
 
 
Insecure Data Storage
All your data is Mine
Manifestor.py
Manifestor
Lets Sum It Up ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object]
References ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

Mobile application security tools
Mobile application security toolsMobile application security tools
Mobile application security toolsQTMContent
 
CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...
CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...
CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...PROIDEA
 
Android malware overview, status and dilemmas
Android malware overview, status and dilemmasAndroid malware overview, status and dilemmas
Android malware overview, status and dilemmasTech and Law Center
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comMobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
 
Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...
Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...
Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...IOSR Journals
 
Is My App Secure ?
Is My App Secure ? Is My App Secure ?
Is My App Secure ?Herman Duarte
 
Android presentation
Android presentationAndroid presentation
Android presentationImam Raza
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security modelPragati Rai
 

Recommended

Mobile application security tools
Mobile application security toolsMobile application security tools
Mobile application security toolsQTMContent
 
CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...
CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...
CONFidence 2015: iOS Hacking: Advanced Pentest & Forensic Techniques - Omer S...PROIDEA
 
Android malware overview, status and dilemmas
Android malware overview, status and dilemmasAndroid malware overview, status and dilemmas
Android malware overview, status and dilemmasTech and Law Center
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comMobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
 
Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...
Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...
Android Malware: Study and analysis of malware for privacy leak in ad-hoc net...IOSR Journals
 
Is My App Secure ?
Is My App Secure ? Is My App Secure ?
Is My App Secure ?Herman Duarte
 
Android presentation
Android presentationAndroid presentation
Android presentationImam Raza
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security modelPragati Rai
 
First Steps in Android
First Steps in AndroidFirst Steps in Android
First Steps in AndroidRich Helton
 
Mobile Apps Security Testing -3
Mobile Apps Security Testing -3Mobile Apps Security Testing -3
Mobile Apps Security Testing -3Krisshhna Daasaarii
 
Improving Mobile Authentication for Public Safety and First Responders
Improving Mobile Authentication for Public Safety and First RespondersImproving Mobile Authentication for Public Safety and First Responders
Improving Mobile Authentication for Public Safety and First RespondersPriyanka Aash
 
Java & The Android Stack: A Security Analysis
Java & The Android Stack: A Security AnalysisJava & The Android Stack: A Security Analysis
Java & The Android Stack: A Security AnalysisPragati Rai
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!espheresecurity
 
C# Cookware - presented at CukeUp! 2014
C# Cookware - presented at CukeUp! 2014C# Cookware - presented at CukeUp! 2014
C# Cookware - presented at CukeUp! 2014Manuel Pais
 
Droidcon mobile security
Droidcon mobile securityDroidcon mobile security
Droidcon mobile securityJudy Ngure
 
Mobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityMobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityDevOps.com
 
Android malware analysis
Android malware analysisAndroid malware analysis
Android malware analysisJason Ross
 
Crack ios firmware-nlog2n
Crack ios firmware-nlog2nCrack ios firmware-nlog2n
Crack ios firmware-nlog2nnlog2n
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsHariharan Ganesan
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with FridaSatria Ady Pradana
 
Android Malware Detection Mechanisms
Android Malware Detection MechanismsAndroid Malware Detection Mechanisms
Android Malware Detection MechanismsTalha Kabakus
 
Barcode scanning on Android
Barcode scanning on AndroidBarcode scanning on Android
Barcode scanning on AndroidPietro F. Maggi
 
Attacking Proprietary Android Vendor Customizations
Attacking Proprietary Android Vendor CustomizationsAttacking Proprietary Android Vendor Customizations
Attacking Proprietary Android Vendor CustomizationsRoberto Natella
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Securitycclark_isec
 
Android reverse engineering: understanding third-party applications. OWASP EU...
Android reverse engineering: understanding third-party applications. OWASP EU...Android reverse engineering: understanding third-party applications. OWASP EU...
Android reverse engineering: understanding third-party applications. OWASP EU...Internet Security Auditors
 
Android chat in the cloud
Android chat in the cloudAndroid chat in the cloud
Android chat in the cloudfirenze-gtug
 
Mobile security
Mobile securityMobile security
Mobile securityStefaan
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to ExploitationSatria Ady Pradana
 
Outsmarting SmartPhones
Outsmarting SmartPhonesOutsmarting SmartPhones
Outsmarting SmartPhonessaurabhharit
 
Android Programming made easy
Android Programming made easyAndroid Programming made easy
Android Programming made easyLars Vogel
 

More Related Content

What's hot

First Steps in Android
First Steps in AndroidFirst Steps in Android
First Steps in AndroidRich Helton
 
Improving Mobile Authentication for Public Safety and First Responders
Improving Mobile Authentication for Public Safety and First RespondersImproving Mobile Authentication for Public Safety and First Responders
Improving Mobile Authentication for Public Safety and First RespondersPriyanka Aash
 
Java & The Android Stack: A Security Analysis
Java & The Android Stack: A Security AnalysisJava & The Android Stack: A Security Analysis
Java & The Android Stack: A Security AnalysisPragati Rai
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!espheresecurity
 
C# Cookware - presented at CukeUp! 2014
C# Cookware - presented at CukeUp! 2014C# Cookware - presented at CukeUp! 2014
C# Cookware - presented at CukeUp! 2014Manuel Pais
 
Droidcon mobile security
Droidcon mobile securityDroidcon mobile security
Droidcon mobile securityJudy Ngure
 
Mobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityMobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityDevOps.com
 
Android malware analysis
Android malware analysisAndroid malware analysis
Android malware analysisJason Ross
 
Crack ios firmware-nlog2n
Crack ios firmware-nlog2nCrack ios firmware-nlog2n
Crack ios firmware-nlog2nnlog2n
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsHariharan Ganesan
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with FridaSatria Ady Pradana
 
Android Malware Detection Mechanisms
Android Malware Detection MechanismsAndroid Malware Detection Mechanisms
Android Malware Detection MechanismsTalha Kabakus
 
Barcode scanning on Android
Barcode scanning on AndroidBarcode scanning on Android
Barcode scanning on AndroidPietro F. Maggi
 
Attacking Proprietary Android Vendor Customizations
Attacking Proprietary Android Vendor CustomizationsAttacking Proprietary Android Vendor Customizations
Attacking Proprietary Android Vendor CustomizationsRoberto Natella
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Securitycclark_isec
 
Android reverse engineering: understanding third-party applications. OWASP EU...
Android reverse engineering: understanding third-party applications. OWASP EU...Android reverse engineering: understanding third-party applications. OWASP EU...
Android reverse engineering: understanding third-party applications. OWASP EU...Internet Security Auditors
 
Android chat in the cloud
Android chat in the cloudAndroid chat in the cloud
Android chat in the cloudfirenze-gtug
 
Mobile security
Mobile securityMobile security
Mobile securityStefaan
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to ExploitationSatria Ady Pradana
 

What's hot (20)

First Steps in Android
First Steps in AndroidFirst Steps in Android
First Steps in Android
 
Mobile Apps Security Testing -3
Mobile Apps Security Testing -3Mobile Apps Security Testing -3
Mobile Apps Security Testing -3
 
Improving Mobile Authentication for Public Safety and First Responders
Improving Mobile Authentication for Public Safety and First RespondersImproving Mobile Authentication for Public Safety and First Responders
Improving Mobile Authentication for Public Safety and First Responders
 
Java & The Android Stack: A Security Analysis
Java & The Android Stack: A Security AnalysisJava & The Android Stack: A Security Analysis
Java & The Android Stack: A Security Analysis
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!
 
C# Cookware - presented at CukeUp! 2014
C# Cookware - presented at CukeUp! 2014C# Cookware - presented at CukeUp! 2014
C# Cookware - presented at CukeUp! 2014
 
Droidcon mobile security
Droidcon mobile securityDroidcon mobile security
Droidcon mobile security
 
Mobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityMobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App Security
 
Android malware analysis
Android malware analysisAndroid malware analysis
Android malware analysis
 
Crack ios firmware-nlog2n
Crack ios firmware-nlog2nCrack ios firmware-nlog2n
Crack ios firmware-nlog2n
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App Permissions
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with Frida
 
Android Malware Detection Mechanisms
Android Malware Detection MechanismsAndroid Malware Detection Mechanisms
Android Malware Detection Mechanisms
 
Barcode scanning on Android
Barcode scanning on AndroidBarcode scanning on Android
Barcode scanning on Android
 
Attacking Proprietary Android Vendor Customizations
Attacking Proprietary Android Vendor CustomizationsAttacking Proprietary Android Vendor Customizations
Attacking Proprietary Android Vendor Customizations
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Android reverse engineering: understanding third-party applications. OWASP EU...
Android reverse engineering: understanding third-party applications. OWASP EU...Android reverse engineering: understanding third-party applications. OWASP EU...
Android reverse engineering: understanding third-party applications. OWASP EU...
 
Android chat in the cloud
Android chat in the cloudAndroid chat in the cloud
Android chat in the cloud
 
Mobile security
Mobile securityMobile security
Mobile security
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to Exploitation
 

Similar to Outsmarting smartphones

Outsmarting SmartPhones
Outsmarting SmartPhonesOutsmarting SmartPhones
Outsmarting SmartPhonessaurabhharit
 
Android Programming made easy
Android Programming made easyAndroid Programming made easy
Android Programming made easyLars Vogel
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetBrent Muir
 
Android Development in a Nutshell
Android Development in a NutshellAndroid Development in a Nutshell
Android Development in a NutshellAleix Solé
 
Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testingSanthosh Kumar
 
Android Introduction on Java Forum Stuttgart 11
Android Introduction on Java Forum Stuttgart 11 Android Introduction on Java Forum Stuttgart 11
Android Introduction on Java Forum Stuttgart 11 Lars Vogel
 
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaAndroid security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaYogesh Ojha
 
Pentesting iOS Applications
Pentesting iOS ApplicationsPentesting iOS Applications
Pentesting iOS Applicationsjasonhaddix
 
Manish Chasta - Securing Android Applications
Manish Chasta - Securing Android ApplicationsManish Chasta - Securing Android Applications
Manish Chasta - Securing Android ApplicationsPositive Hack Days
 
Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)ClubHack
 
Mobile Application Development-Lecture 03 & 04.pdf
Mobile Application Development-Lecture 03 & 04.pdfMobile Application Development-Lecture 03 & 04.pdf
Mobile Application Development-Lecture 03 & 04.pdfAbdullahMunir32
 
Android terminologies
Android terminologiesAndroid terminologies
Android terminologiesjerry vasoya
 
Introduction to android mobile app development.pptx
Introduction to android mobile app development.pptxIntroduction to android mobile app development.pptx
Introduction to android mobile app development.pptxridzah12
 
600.250 UI Cross Platform Development and the Android Security Model
600.250 UI Cross Platform Development and the Android Security Model600.250 UI Cross Platform Development and the Android Security Model
600.250 UI Cross Platform Development and the Android Security ModelMichael Rushanan
 
Android developer interview questions with answers pdf
Android developer interview questions with answers pdfAndroid developer interview questions with answers pdf
Android developer interview questions with answers pdfazlist247
 
Mobile application security
Mobile application securityMobile application security
Mobile application securityShubhneet Goel
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityIshan Girdhar
 
Gene Presentation For Android
Gene Presentation For AndroidGene Presentation For Android
Gene Presentation For AndroidGene Leybzon
 

Similar to Outsmarting smartphones (20)

Outsmarting SmartPhones
Outsmarting SmartPhonesOutsmarting SmartPhones
Outsmarting SmartPhones
 
Android Programming made easy
Android Programming made easyAndroid Programming made easy
Android Programming made easy
 
MSR iOS Tranining
MSR iOS TraniningMSR iOS Tranining
MSR iOS Tranining
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in Essence
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
 
Android Development in a Nutshell
Android Development in a NutshellAndroid Development in a Nutshell
Android Development in a Nutshell
 
Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
 
Android Introduction on Java Forum Stuttgart 11
Android Introduction on Java Forum Stuttgart 11 Android Introduction on Java Forum Stuttgart 11
Android Introduction on Java Forum Stuttgart 11
 
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaAndroid security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh Ojha
 
Pentesting iOS Applications
Pentesting iOS ApplicationsPentesting iOS Applications
Pentesting iOS Applications
 
Manish Chasta - Securing Android Applications
Manish Chasta - Securing Android ApplicationsManish Chasta - Securing Android Applications
Manish Chasta - Securing Android Applications
 
Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)
 
Mobile Application Development-Lecture 03 & 04.pdf
Mobile Application Development-Lecture 03 & 04.pdfMobile Application Development-Lecture 03 & 04.pdf
Mobile Application Development-Lecture 03 & 04.pdf
 
Android terminologies
Android terminologiesAndroid terminologies
Android terminologies
 
Introduction to android mobile app development.pptx
Introduction to android mobile app development.pptxIntroduction to android mobile app development.pptx
Introduction to android mobile app development.pptx
 
600.250 UI Cross Platform Development and the Android Security Model
600.250 UI Cross Platform Development and the Android Security Model600.250 UI Cross Platform Development and the Android Security Model
600.250 UI Cross Platform Development and the Android Security Model
 
Android developer interview questions with answers pdf
Android developer interview questions with answers pdfAndroid developer interview questions with answers pdf
Android developer interview questions with answers pdf
 
Mobile application security
Mobile application securityMobile application security
Mobile application security
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Gene Presentation For Android
Gene Presentation For AndroidGene Presentation For Android
Gene Presentation For Android
 

More from SensePost

objection - runtime mobile exploration
objection - runtime mobile explorationobjection - runtime mobile exploration
objection - runtime mobile explorationSensePost
 
Vulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based ApplicationVulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based ApplicationSensePost
 
Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17SensePost
 
Introducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration ToolkitIntroducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration ToolkitSensePost
 
ZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksSensePost
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22SensePost
 
Heartbleed Overview
Heartbleed OverviewHeartbleed Overview
Heartbleed OverviewSensePost
 
Botconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server DetectionBotconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server DetectionSensePost
 
Rat a-tat-tat
Rat a-tat-tatRat a-tat-tat
Rat a-tat-tatSensePost
 
Hacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation SystemsHacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation SystemsSensePost
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented DefenceSensePost
 
Threats to machine clouds
Threats to machine cloudsThreats to machine clouds
Threats to machine cloudsSensePost
 
Inside .NET Smart Card Operating System
Inside .NET Smart Card Operating SystemInside .NET Smart Card Operating System
Inside .NET Smart Card Operating SystemSensePost
 
SNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) PwnageSNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) PwnageSensePost
 
Its Ok To Get Hacked
Its Ok To Get HackedIts Ok To Get Hacked
Its Ok To Get HackedSensePost
 
Web Application Hacking
Web Application HackingWeb Application Hacking
Web Application HackingSensePost
 
Putting the tea back into cyber terrorism
Putting the tea back into cyber terrorismPutting the tea back into cyber terrorism
Putting the tea back into cyber terrorismSensePost
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summarySensePost
 
Attacks and Defences
Attacks and DefencesAttacks and Defences
Attacks and DefencesSensePost
 
Corporate Threat Modeling v2
Corporate Threat Modeling v2Corporate Threat Modeling v2
Corporate Threat Modeling v2SensePost
 

More from SensePost (20)

objection - runtime mobile exploration
objection - runtime mobile explorationobjection - runtime mobile exploration
objection - runtime mobile exploration
 
Vulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based ApplicationVulnerabilities in TN3270 based Application
Vulnerabilities in TN3270 based Application
 
Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17Ruler and Liniaal @ Troopers 17
Ruler and Liniaal @ Troopers 17
 
Introducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration ToolkitIntroducing (DET) the Data Exfiltration Toolkit
Introducing (DET) the Data Exfiltration Toolkit
 
ZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana Attacks
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22
 
Heartbleed Overview
Heartbleed OverviewHeartbleed Overview
Heartbleed Overview
 
Botconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server DetectionBotconf 2013 - DNS-based Botnet C2 Server Detection
Botconf 2013 - DNS-based Botnet C2 Server Detection
 
Rat a-tat-tat
Rat a-tat-tatRat a-tat-tat
Rat a-tat-tat
 
Hacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation SystemsHacking Z-Wave Home Automation Systems
Hacking Z-Wave Home Automation Systems
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented Defence
 
Threats to machine clouds
Threats to machine cloudsThreats to machine clouds
Threats to machine clouds
 
Inside .NET Smart Card Operating System
Inside .NET Smart Card Operating SystemInside .NET Smart Card Operating System
Inside .NET Smart Card Operating System
 
SNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) PwnageSNMP : Simple Network Mediated (Cisco) Pwnage
SNMP : Simple Network Mediated (Cisco) Pwnage
 
Its Ok To Get Hacked
Its Ok To Get HackedIts Ok To Get Hacked
Its Ok To Get Hacked
 
Web Application Hacking
Web Application HackingWeb Application Hacking
Web Application Hacking
 
Putting the tea back into cyber terrorism
Putting the tea back into cyber terrorismPutting the tea back into cyber terrorism
Putting the tea back into cyber terrorism
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summary
 
Attacks and Defences
Attacks and DefencesAttacks and Defences
Attacks and Defences
 
Corporate Threat Modeling v2
Corporate Threat Modeling v2Corporate Threat Modeling v2
Corporate Threat Modeling v2
 

Recently uploaded

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 

Recently uploaded (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Outsmarting smartphones