This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "AppSecEU 2017 Developer Summit"
| Line 41: | Line 41: | ||
<br> | <br> | ||
<br> | <br> | ||
| − | '''Day 2: Morning Session'''<br> | + | '''Day 2: Half Day Morning Session'''<br> |
Date: Wednesday, May 10th<br> | Date: Wednesday, May 10th<br> | ||
Time: 9am-1pm (breakfast at 9am, lunch at 12pm)<br> | Time: 9am-1pm (breakfast at 9am, lunch at 12pm)<br> | ||
| Line 48: | Line 48: | ||
<br> | <br> | ||
<br> | <br> | ||
| − | '''Day 2: Afternoon Session'''<br> | + | '''Day 2: Half Day Afternoon Session'''<br> |
Date: Wednesday, May 10th<br> | Date: Wednesday, May 10th<br> | ||
Time: 1pm - 5pm<br> | Time: 1pm - 5pm<br> | ||
Revision as of 19:09, 10 March 2017
OWASP AppSec EU 2017 May 9th - 10th, 2017 Belfast, UK
We are excited to announce the OWASP Developer Summit EU 2017. OWASP is providing a structured platform for Developers on the two full days prior to the AppSec EU 2017 conference. The Developer Summit will consist of a full day hands on developer session followed by two half day sessions geared towards vulnerabilities.
The Developer Summit is free (no charge) for anyone who would like to attend. We just ask that you do sign up so we can get a head count to be sure we have enough space and food.
AGENDA
Day 1: Full Day Hands On Session
Date: Tuesday, May 9th
Time: 9am-5pm (breakfast at 9am, lunch at 12pm)
Presenter: Johanna Curiel, Vice Chair of the OWASP Board of Directors
Reverse Engineering Android Apps with Bytecodeviewer
Description hands on Session
Two important OWASP Top 10 Mobile risks are how resistance can an application be against Reverse Engineering and Code Tampering. In this hands on session, we will go through the process of Reverse Engineering known Android apps(like Facebook, some banking apps,Twitter etc), or bring your own app if you want and test it!
Some hands-on techniques we will go through:
- How to apply OWASP Mobile Top 10, Mobile Testing Guide(in progress) and Android Cheat Sheet pen testing
- Learn how hackers actually ‘decompile’ an APK and code tamper apps with Hooking methods using Xposed or changing Smali
- Learn Techniques to find useful information in highly obfuscated apps
- How to bypass Certificate Pinning and Root detection
- What can you do to make your apps harder against Reverse Engineering
- Learn how to root a phone If you did not root a phone, bring one (make sure is using Nougat 6.0 or less)
Requirements:
- Own laptop
- Bytecodeviewer 2.9.8
- Dex2Jar
- JD-GUI
- ApkTool
- https://github.com/voider1/a2scomp
- Android Studio + SDK Tools installed
- A rooted Android Device /or we rooted on in the class
- USB Cable to connect to your android phone to the laptop
Day 2: Half Day Morning Session
Date: Wednesday, May 10th
Time: 9am-1pm (breakfast at 9am, lunch at 12pm)
Presenter: Spyros Gasteratos
Details will be available soon!
Day 2: Half Day Afternoon Session
Date: Wednesday, May 10th
Time: 1pm - 5pm
Presenter: TBD
<insert title of session>
<insert description of hand-on session>
<insert any requirements for participation i.e. computer, etc.>
