Adding mobile security resources

Adding additional mobile security resources
This commit is contained in:
Omar Santos 2018-06-18 22:36:04 -04:00 committed by GitHub
parent cee128997b
commit 867b19c4f6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,37 +1,24 @@
# Mobile Device Security
The following are several of the resources covered in the Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) LiveLessons.
The following are several of the resources covered in the [Art of Hacking Series LiveLessons](https://theartofhacking.org), [Safari Live Training](https://www.safaribooksonline.com/search/?query=ethical%20hacking%20omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=live%20online%20training&sort=relevance), and [penetration testing books authored by Omar Santos](https://omarsantos.io).
## OWASP Resources
### OWASP Mobile Security Project
* https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Home
### OWASP Mobile Top 10:
* https://www.owasp.org/index.php/Mobile_Top_10_2016-Top_10
* https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Risks
### OWASP Mobile Security Testing Guide:
* https://b-mueller.gitbooks.io/the-owasp-mobile-security-testing-guide/content
### OWASP Mobile Application Security Verification Standard (MASVS)
* https://www.owasp.org/images/6/61/MASVS_v0.9.4.pdf
- [OWASP Mobile Security Project](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Home)
- [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Risks)
- [OWASP Mobile Security Testing Guide](https://b-mueller.gitbooks.io/the-owasp-mobile-security-testing-guide/content)
- [OWASP Mobile Application Security Verification Standard (MASVS)](https://www.owasp.org/images/6/61/MASVS_v0.9.4.pdf)
- [OWASP MThreat Model Project](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Threat_Model_Project)
## Android
### Android Research and Reverse Tools
* [Android Developer Studio](http://developer.android.com/sdk/index.html)
* [APKtool](http://ibotpeaches.github.io/Apktool/)
* [dex2jar](https://github.com/pxb1988/dex2jar)
* [Bytecode Viewer](https://bytecodeviewer.com/)
* [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
- [Android Developer Studio](http://developer.android.com/sdk/index.html)
- [APKtool](http://ibotpeaches.github.io/Apktool/)
- [dex2jar](https://github.com/pxb1988/dex2jar)
- [Bytecode Viewer](https://bytecodeviewer.com/)
- [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
- [Android Reverse Engineering Arsenals](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Tools)
### Android Reverse Engineering Arsenals
* https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Tools
### APK Tool
* http://ibotpeaches.github.io/Apktool/
### Dex2jar and JD-GUI
Dex2jar and JD-GUI are two different tools that are often used for reverse engineering Android apps. Dex2jar converts .dex files to .jar. JD-GUI is a Java decompiler that can decompile .jar files to the original Java source.
* http://sourceforge.net/projects/dex2jar/
@ -39,12 +26,6 @@ Dex2jar and JD-GUI are two different tools that are often used for reverse engin
## Apple iOS
### Damn Vulnerable iOS Application (DVIA)
* DVIA Home Page
* http://damnvulnerableiosapp.com
* DVIA OWASP Project Page
* https://www.owasp.org/index.php/OWASP_DVIA
* DVIA Github Source
* https://github.com/prateek147/DVIA
* DVIA Learning Resources
* http://damnvulnerableiosapp.com/#learn
- [Damn Vulnerable iOS Application (DVIA)](https://www.owasp.org/index.php/OWASP_DVIA)
- [DVIA Github Source](https://github.com/prateek147/DVIA)
- [DVIA Learning Resources](http://damnvulnerableiosapp.com/#learn)