After analyzing hundreds of mobile applications, it is easy to identify where most app developers breakdown. Penetration Testers are easily able to exploit basic default configuration vulnerabilities on various mobile platforms, API's, and frameworks. Due to the huge amount of hybrid mobile applications, these vulnerabilities affect both Android and iOS applications. Native applications are not safe from these susceptibilities either. Join me as we uncover common vulnerabilities that will be easily spotted on your next mobile assessment using free and open source tools.

Aaron is a Principal Penetration Tester in the Los Angeles area with expertise in Application security, Mobile pentesting, Web pentesting, IoT research and Network Penetration testing. He volunteers his time as a Chapter Board Member for the Open Web Application Security Project (OWASP) Los Angeles, Technical Editor for Packt Publishing and the President for the Cloud Security Alliance SoCal. Aaron has held roles with companies such as Belkin, Linksys, Dell and Symantec. He has given presentations at a number of security conferences, developer conferences, various Meetups, and evangelizes application security to raise awareness.

@scriptingxss

Back to BSides Augusta 2016 video list