Building and Breaking VyAPI - A Cloud Based Vulnerable Android App null Bangalore Humla 22 February 2020 Building and Breaking VyAPI - A Cloud Based Vulnerable Android App

Profilepic

Abstract

Agenda

  1. Build VyAPI APK using Amplify CLI and your personal AWS account
  2. Understand OWASP Mobile Top 10 by exploiting built-in vulnerabilities of VyAPI
  3. Play with following tools: MobSF, Drozer, ADB

Prerequisites:

Softwares required for building VyAPI APK

  1. An active AWS account with Administrative access
  2. Node.js (Version 8.11.X or later)
  3. Amplify CLI
  4. Android Studio and SDK Tools
  5. Android emulator (API level 23 or above)

Note:
Refer following link for detailed instructions on how to build VyAPI APK - https://github.com/appsecco/VyAPI

Softwares required for breaking VyAPI

  1. Android Debug Bridge (ADB) - https://www.xda-developers.com/install-adb-windows-macos-linux/
  2. MobSF - "docker pull opensecurity/mobile-security-framework-mobsf"
  3. Drozer - https://github.com/FSecureLABS/drozer
  4. Burp Suite community or pro installed - https://portswigger.net/burp

Speaker

Riddhi Shree

Inquisitive by nature, I tend to drift towards anything that seems difficult, yet, interesting. I have interest in a variety of areas including (but not limited to) playing guitar, painting/sketching, playing chess, dribbling the basketball, and, of course, making attempts to explore different aspects of the most powerful innovation of all times: a Computer.

Timing

Starts at Saturday February 22 2020, 09:30 AM. The sessions runs for about 5 hours.

Resources

 
0 0 0