Adding mobile security resources

Adding additional mobile security resources
This commit is contained in:
Omar Santos 2018-06-18 22:36:04 -04:00 committed by GitHub
parent cee128997b
commit 867b19c4f6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,37 +1,24 @@
# Mobile Device Security # Mobile Device Security
The following are several of the resources covered in the Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) LiveLessons. The following are several of the resources covered in the [Art of Hacking Series LiveLessons](https://theartofhacking.org), [Safari Live Training](https://www.safaribooksonline.com/search/?query=ethical%20hacking%20omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=live%20online%20training&sort=relevance), and [penetration testing books authored by Omar Santos](https://omarsantos.io).
## OWASP Resources ## OWASP Resources
### OWASP Mobile Security Project - [OWASP Mobile Security Project](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Home)
* https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Home - [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Risks)
- [OWASP Mobile Security Testing Guide](https://b-mueller.gitbooks.io/the-owasp-mobile-security-testing-guide/content)
### OWASP Mobile Top 10: - [OWASP Mobile Application Security Verification Standard (MASVS)](https://www.owasp.org/images/6/61/MASVS_v0.9.4.pdf)
* https://www.owasp.org/index.php/Mobile_Top_10_2016-Top_10 - [OWASP MThreat Model Project](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Threat_Model_Project)
* https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Risks
### OWASP Mobile Security Testing Guide:
* https://b-mueller.gitbooks.io/the-owasp-mobile-security-testing-guide/content
### OWASP Mobile Application Security Verification Standard (MASVS)
* https://www.owasp.org/images/6/61/MASVS_v0.9.4.pdf
## Android ## Android
### Android Research and Reverse Tools - [Android Developer Studio](http://developer.android.com/sdk/index.html)
* [Android Developer Studio](http://developer.android.com/sdk/index.html) - [APKtool](http://ibotpeaches.github.io/Apktool/)
* [APKtool](http://ibotpeaches.github.io/Apktool/) - [dex2jar](https://github.com/pxb1988/dex2jar)
* [dex2jar](https://github.com/pxb1988/dex2jar) - [Bytecode Viewer](https://bytecodeviewer.com/)
* [Bytecode Viewer](https://bytecodeviewer.com/) - [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml)
* [IDA Pro](https://www.hex-rays.com/products/ida/index.shtml) - [Android Reverse Engineering Arsenals](https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Tools)
### Android Reverse Engineering Arsenals
* https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Tools
### APK Tool
* http://ibotpeaches.github.io/Apktool/
### Dex2jar and JD-GUI ### Dex2jar and JD-GUI
Dex2jar and JD-GUI are two different tools that are often used for reverse engineering Android apps. Dex2jar converts .dex files to .jar. JD-GUI is a Java decompiler that can decompile .jar files to the original Java source. Dex2jar and JD-GUI are two different tools that are often used for reverse engineering Android apps. Dex2jar converts .dex files to .jar. JD-GUI is a Java decompiler that can decompile .jar files to the original Java source.
* http://sourceforge.net/projects/dex2jar/ * http://sourceforge.net/projects/dex2jar/
@ -39,12 +26,6 @@ Dex2jar and JD-GUI are two different tools that are often used for reverse engin
## Apple iOS ## Apple iOS
### Damn Vulnerable iOS Application (DVIA) - [Damn Vulnerable iOS Application (DVIA)](https://www.owasp.org/index.php/OWASP_DVIA)
* DVIA Home Page - [DVIA Github Source](https://github.com/prateek147/DVIA)
* http://damnvulnerableiosapp.com - [DVIA Learning Resources](http://damnvulnerableiosapp.com/#learn)
* DVIA OWASP Project Page
* https://www.owasp.org/index.php/OWASP_DVIA
* DVIA Github Source
* https://github.com/prateek147/DVIA
* DVIA Learning Resources
* http://damnvulnerableiosapp.com/#learn