Android Needs no introduction, Its one of the fastest growing Smartphone / Tablet OS. Future plans ot just includes telecommunication equipment but also entertainment equipments like TV, Music Players and other house hold items. When the World is moving towards Android subsequently there is a rise in threat's and potential risk's in the same. This Workshop is geared towards Security professionals Who want to remain on the edge of the fast paced technology and possess in-depth understanding of Android. This workshop will not only focus on Application Pen Testing but will also be looking at the overall OS as a platform and potential pitfalls around it. In order to understand these concept in more details we will be working on creating a simple malware and dissecting existing malware samples to understand.

• Android Architecture
• Operating System Overview
• File system Overview
• Security Model
• Developer Overview
• Application Components
• Application Structure
• The SDK and Android Tools
• Developing a basic application
• Intro to PenTesting
• Setting up the environment
• Black Box PT
• Reverse Engineering
• Rooting basics
• Malware Analysis and Design
• Exploits survey
• Common malware samples
• Detection, prevention and cure

Ankur Bhargava

Ankur works for India Software Labs, IBM India and is a CEH. He has been speaker at various conferences like nullcon, C0C0N for different years where he has presented on topics like PDF exploits , Android Security. Ankur is a active member on OWASP Bangalore Chapter. Ankur's main expertise in on application security both on the Web and Mobile.

Anant Shrivastava

Anant Works for Infosys Pvt Ltd. He holds a GWAPT, CEH and RHCE. He has been speaker at various conferences like Nullcon, c0c0n, Clubhack, his talks are focused on android. He is the creator of Android Tamer – VM for android security professionals. Active member of Null, Garage4Hackers. His expertise remains in Linux, Web Applications (Dev and security testing) and Mobile devices (OS and Application) Security.

1 day (8 hrs)

Bring in your own Laptop and if an android device is available. (otherwise simulator will also work)

Pre-requisite

Who should attend?

To look at traditional malware analysis including the basic lab setup, static and dynamic analysis with new challenges. The challenges include encryption, anti-debug techniques and learn how to bypass them to analyse properly.

Speaker Details

Harsimran Walia - Harsimran is a Research scientist at McAfee Labs, graduated as Mechanical Engineer from IIT Delhi and an Independent Security Researcher. Has presented his research at "NullCon2011" on the topic "Reversing Microsoft Patches to reveal vulnerable code". In the past, have taken training programs on Fuzzing, Malware Analysis, Offensive Metasploit, Exploit development et. al. Author of various technical blogs and research papers.

Duration

1 day

Topics

• x86 Assembly refresher
• Types of vulnerabilities and exploits
• Lab Setup and tools of trade
• Practical Malware Analysis
• Anti-Analysis techniques and how to bypass them
• Automation

Pre-requisite

Open mind and basics of x86 assembly. Reverse Engineering knowledge will be an added advantage.

Who should attend?

Malware Analyst, System and network administrators, People working with system security.