Mobile Hacking
The OWASP Mobile Application Security Verification Standard (MASVS) is the industry standard for mobile application security. It provides a comprehensive set of security controls that can be used to assess the security of mobile apps across various platforms (e.g., Android, iOS) and deployment scenarios (e.g., consumer, enterprise). The standard covers the key components of the mobile app attack surface, including storage, cryptography, authentication and authorization, network communication, interaction with the mobile platform, code quality and resilience against reverse engineering and tampering.
Full Course
Module 1 - Setting up the Basics
Basic tool set up. To run an environment where we can work on our Mobile Hacking course, we must install some basic tools to perform the hack.
Installing VM (Virtual Machine)
We must install a Virtual Machine on Windows or MAC to run our hacking tools in a safe environment.
Installing Offensive Security Linux
At this stage, we will install the tool that will help us with our hacks later. We have many options, but we will refer this time to Kali Linux, Parrot Security, and UTM.
Installing Android Studio
If we don't have an Android phone, we can use Android Studio to emulate it and for other technical purposes.
Installing JDK Tools
If you have payload issues, the JDK Tool will help us with that, as it will enable the needed libraries to run them.
Installing Swift for MAC/Windows
Apple created Swift, a programming language that built apps for Apple devices. It's a high-level, general-purpose language designed to be easy to learn.
Installing Xcode for MAC
Xcode is Apple's integrated development environment for macOS, which is used to develop software for macOS, iOS, iPadOS, watchOS, tvOS, and visionOS.
Installing Genymotion
Genymotion is an efficient Android emulator for testing Android applications. Learn about main concepts, from configuration to deploying a test application to the Emulator.
Installing Firebase
Firebase provides detailed documentation and cross-platform app development SDKs, to help you build and ship apps for iOS, Android, the Web, Flutter, Unity, and C++.
Linux Fundamentals
Before hacking, we have to learn the basics of commands.
Module 2 - Crafting payloads
In this module, we will understand the basic concepts of a malicious payload and how to create it and distribute it.
Metasploit (meterpreter & postgresql)
Metasploit is a tool for exploitation. We will use "Msfvenom" to create our payloads.
Tunneling (ngrok & apache)
Tunneling allows secure data transmission between networks. It's often used in virtual private networks (VPNs). We will use it as part of our backdoor.
Developer Key
If we want our payload to work successfully on a device, we must sign our application first. So it can be downloaded and distributed by users.
Module 3 - Android Studio
We will learn to use Android Studio, which can emulate an actual Android device
SDK Installation
SDK stands for Software Development Kit. It's a collection of tools that helps developers create applications for a specific platform.
Creating a Project/Running Emulator
We will learn the basics of the interface, create projects and run the emulators we create
Module 4 - iOS Development
In this course, we will learn the usage of Swift and Xcode. Languages that can help us in the future to hack and to understand better how internally works an iOS.
Swift fundamentals
We will learn about the environment and how to use some functions.
Xcode fundamentals
We will learn about the environment and how to use some functions.
Module 5 - Rooting & Jailbreacking
iOS jailbreaking is the use of a privilege escalation exploit to remove software restrictions imposed by Apple on devices running iOS and iOS-based operating systems. It is typically done through a series of kernel patches.
Jailbreaking iOS
We will learn the process of jailbreaking an iOS device.
Rooting Android
We will learn the process of rooting an Android device.
Module 6 - Reverse Engineering
The process of taking a piece of software or hardware and analyzing its functions and information flow to understand its functionality and behavior. Malware is commonly reverse-engineered in cyber defense.
Reverse Engineering tools (for Linux, MAC, Windows)
We will learn the basics of operating some of the most used reverse engineering tools.
Module 7 - Practice Labs
We will put everything into practice.
We have CTFs in different situations to make them as authentic as possible.
CTFs
Virtual Machines (mobile emulators) and real mobile hacking at your disposal!
Legal Disclaimer
Disclaimer
All the techniques provided in the tutorials on www.lyonnfiurex.com are solely for educational purposes. All techniques taught here are only meant to be used in a closed laboratory environment or with consent from a second or third party. If you are using any of those techniques for illegal purposes, Lyon & Fiurex LLC Group can’t be held responsible for possible lawful consequences.
Any actions or activities related to the material within www.lyonnfiurex.com are solely your responsibility. If you misuse this information for illegal activities, criminal charges may be brought against your person.
The content on www.lyonnfiurex.com can be potentially damaging and or dangerous if misused. DO NOT, NEVER try any of the techniques you learned on www.lyonnfiurex.com without consent of the second/third party.
Lyon & Fiurex LLC Group is not accountable for the use of the information provided in our courses, which are solely for educational purposes.