Building and Breaking VyAPI - A Cloud Based Vulnerable Android App null Bangalore Humla 22 February 2020 Building and Breaking VyAPI - A Cloud Based Vulnerable Android App
Abstract
Agenda
- Build VyAPI APK using Amplify CLI and your personal AWS account
- Understand OWASP Mobile Top 10 by exploiting built-in vulnerabilities of VyAPI
- Play with following tools: MobSF, Drozer, ADB
Prerequisites:
Softwares required for building VyAPI APK
- An active AWS account with Administrative access
- Node.js (Version 8.11.X or later)
- Amplify CLI
- Android Studio and SDK Tools
- Android emulator (API level 23 or above)
Note:
Refer following link for detailed instructions on how to build VyAPI APK - https://github.com/appsecco/VyAPISoftwares required for breaking VyAPI
- Android Debug Bridge (ADB) - https://www.xda-developers.com/install-adb-windows-macos-linux/
- MobSF - "docker pull opensecurity/mobile-security-framework-mobsf"
- Drozer - https://github.com/FSecureLABS/drozer
- Burp Suite community or pro installed - https://portswigger.net/burp
Speaker
Inquisitive by nature, I tend to drift towards anything that seems difficult, yet, interesting. I have interest in a variety of areas including (but not limited to) playing guitar, painting/sketching, playing chess, dribbling the basketball, and, of course, making attempts to explore different aspects of the most powerful innovation of all times: a Computer.
Timing
Starts at Saturday February 22 2020, 09:30 AM. The sessions runs for about 5 hours.