Exciting news! Join us for DevSecCon Italy, featuring Federico Dotta, Principal Security Analyst at HN Security, and Alessandro Braccio, DevSecCon Italy Chapter Leader. They’ll showcase advanced techniques for mobile app security analysis. Learn to bypass security measures using Frida, Burp Suite, and the Brida plugin. Don’t miss this opportunity to level up your security analysis skills!
Abstract
Are you interested in how to conduct a security analysis on a complex mobile application? Maybe reducing the effort without sacrificing the quality of the job? Great, you are in the right place! In this session, presented by the DevSecCon Italy’s chapter leader, Alessando Braccio and Federico Dotta, Principal Security Analyst, will analyse an Android mobile application with strong security features and will bypass all of them using Frida, Burp Suite and Brida plugin.
The talk will be highly technical, giving you an insight on how a similar task should be approached and how difficulties can be overcome, or even better skipped! We will work on a live demo of this complex scenario, bypassing all the in-place crypto protections of the traffic, in order to be able to comfortably find (and then exploit) vulnerabilities in the backend.
Finally, we will show Brida, a tool developed with a colleague of mine, and its approach to this kind of problems,aimed at minimizing the reversing and developing effort and having more time for the juicy things!
***Important note – This event will be held in ITALIAN
———
Join the Community!
If you haven’t joined the Discord community, please do so! You can find us on Discord at: https://devseccon.io/discordcommunity
