This comprehensive course offers an in-depth exploration of both iOS and Android operating systems, focusing on their internals and security features. The iOS segment of the course dives into the architecture of iOS, memory management, application sandboxing, code signing, and advanced mitigations like SPTM, TXM, PAC, PAN, and PPL. Students will also receive a thorough introduction to the ARM64 architecture, including static and dynamic analysis techniques, debugging tools, and disassembly tools. Moving into iOS application security, students will explore topics such as code signing, encryption, secure communication, and the use of Frida for dynamic instrumentation. Advanced topics like hooking, memory manipulation, and instrumenting network communication will also be covered. The course also covers iOS malware analysis, including static, dynamic, and behavioral analysis, along with mitigation and prevention strategies.
On the Android side, participants will gain a broad understanding of Android system architecture, including drivers, modules, the Linux kernel, and the Android Binder. Hands-on experience in reverse engineering, exploit development for ARM platforms, memory management, and vulnerabilities will be provided. The course also covers Android's boot, recovery, rooting processes, and permissions, along with security features like DAC, CAP, SECCOMP, and SELinux.
For a practical learning experience, the course covers how to extract and decrypt boot images for Android devices. It also includes hands-on exercises for symbolicating the Android kernel and porting exploits to other Android devices. Advanced Frida techniques such as custom tracing, profiling, and memory inspection are explored with real-world applications. Case studies on prominent malware and custom malware samples designed for the course shed light on reverse engineering and advanced forensics techniques. Application security vulnerabilities that arise from Android components are also covered.
Throughout the course, participants will engage in practical labs to gain hands-on experience with iOS and Android internals, application security, reverse engineering, and vulnerability analysis. By the end of the course, students will have the skills needed to reverse engineer, design, develop, and secure iOS and Android applications effectively, as well as have a good understanding of all the security measures implemented in Android/iOS Userland and Kernel.
This course prepares you for the Offensive Mobile Security Expert (OMSE) certification exam, a hands-on assessment specifically designed to test your grasp of advanced mobile security domains including userland and kernel components.
Learning Objectives
Get an understanding of the latest ARM64 instruction set
Learn the internals of Mobile Kernels along with several Kernel security mitigations
Learn Device Fingerprinting and Anti-Fraud techniques
Get a detailed walkthrough on using Ghidra, Hopper, etc.
Advanced Dynamic Instrumentation using Frida
Understand some of the latest bugs and mitigations (PAC, CoreTrust, PPL, etc.)
Get an intro to common bug categories like UaF, Heap overflow, etc.
Understanding how Rooting and Jailbreaks work
Reverse engineer iOS and Android binaries (Apps and system binaries)
Learn how to audit iOS and Android apps for security vulnerabilities
Understand and bypass anti-debugging and obfuscation techniques
Get a quick walkthrough on using Ghidra, radare2, Hopper, Frida, etc.
Learn how accessibility malware works, and how to reverse engineer well-known crypto wallet stealers
Learn how to symbolicate the iOS and Android kernel
Learn how to extract and decrypt boot images for Android devices
Become an Offensive Mobile Security Expert (OMSE)
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):