Platform for Experts 
Mobile & Backend Security Testing 
Our Company 
Blog
Contact us
eShard
/
Pentesting Mobileapp

Mobile App Penetration Testing

With a penetration test, we determine the resilience of your mobile app against well known attacks. Our experts take the mobile app’s perspective and assume the underlying platform (iOS or Android) by default as insecure and untrusted, i.e. a mobile app cannot rely on platform services only and has to defend itself against other mobile apps, the platform and attackers.

Identifying Vulnerabilities

We identify vulnerabilities and attack paths in the mobile app that can be exploited to gain access to critical information. The complexity of an attack and resiliency of a mobile app is measured in days which is a key determinator of the actual risk. Another is related to the nature of an attack and the question whether an attack is limited to a single device, e.g. because an attack assumes physical access to the device, or whether it can be mounted remotely.

Attacks with remote access to the device or the mobile app require particular attention, because these attacks can be applied to a large number of devices at a time and entailing the risk of a compromise at scale.

Assessing the Risks

We perform penetration tests and consider the specific threats to mobile apps on iOS or Android platforms, such as:

  • Data stealing (at rest and/or at runtime) from a malicious apps on the mobile device;
  • Application tampering, eased by a tampered device (rooted/jailbroken);
  • Mobile app cloning (binary and data);
  • Code and data lifting, i.e. extract, copy and run/use of MA parts;
  • Tampering network communication, connecting to and interfacing with internal APIs, i.e. Man-in-the-Middle, disabling certificate pinning etc;
  • Gaining access to a MA on a lost or stolen device.

State-of-the-art Techniques

For that, we use advanced tools and apply state-of-the-art techniques to gain access to the assets, e.g. personal data, banking account and payment data, health data, cryptographic keys, tokens, code etc. Depending on the objectives, we consider solely the mobile app binary (black box) or the binary in combination with its security design (gray box) and/or source code (white box).

A penetration test typically includes Reverse Engineering techniques such as:

  • Debugging, disassembly, decompilation
  • Deobfuscation and cryptanalysis
  • Emulation, tracing and control flow analysis
  • And code patching and dynamic binary instrumentation

to analyze the code and tamper with the mobile app, at rest and at runtime.

Think Like a Hacker

Like real attackers, to disable the various security protections and gaining access to the assets, we use an arsenal of tools like Apktool, JADX, JEB, QEMU, Unicorn, Ghidra, Frida, IDA Pro, angr, etc.

To analyze the resilience of a mobile app or a component (SDK or software protection tool) against an advanced attacker, we perform a penetration test in a team: depending on the specific skills required, the pentesters are supported by a team of experts in other subject matters.

Track Record

We have a proven track record in Security Testing and Reverse Engineering of:

Mobile apps and Handsets

IoT devices

Healthcare Devices

SmartCards

POIs, ICs and SOCs

Cryptography

Interested?

Contact us

Blog Articles

Software Security

iOS Crackme: an efficient way to learn by doing

7 min read
Edit by Lesecque Yorick Sep 30, 2020
CopyRights eShard 2022.
All rights reserved
Privacy policy | Legal Notice
PLATFORM FOR EXPERTS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability Research
PROFESSIONAL SERVICES