Mobile Application Security and Penetration Testing

Curious about this course?

Enroll now and get access to all of our material and labs!

Plans and Pricing


View enrollment pricing for individual students.


Purchase eLearnSecurity courses for your company.

Extremely Hands-on

Practice Mobile Application Security and Penetration Testing against a number of real world mobile applications that you can download and play with at any time.

Discover Labs

Become Certified

Obtain the eMAPT certification and prove your practical skills with the only 100% practical certification on Mobile Application Security and Penetration Testing

Discover eMAPT

Course at a glance

  • Start from iOS and Android architectures basics
  • Exposes Android and iOS vulnerabilities in-depth
  • Covers mobile OSs security mechanisms and implementations
  • Covers Mobile applications reverse engineering
  • In depth mobile applications static and dynamic analysis
  • Practice on real world mobile applications
  • Build your own home lab on mobile application security
  • Provides you the skills necessary to peform Penetration tests of mobile applications
  • Covers: APKTool, Dex2Jar, GDB Debugger, Cycript and many others
  • After obtaining the eMAPT certification qualifies you for 40 CPE

Course material

  • 4 hours of video training material
  • 21 highly technical modules
  • 26 apps to practice with

Course delivery

  • Self-paced
  • Off-line access available
  • Access from PC, Tablet and Smartphone

Test drive this course for free

I agree to receive emails from Caendra Inc.


Section: Android

  • Module 1 : Android: Android Architectures

    Before we dive into Security and Penetration Testing, we will introduce you to the Android environment. There are few key concepts you should be familiar with before we get started.

  • Module 2 : Android: Setting up a Testing Environment

    Prior to diving into Android Application Security, we need to have a means to examine, build, debug and run applications. For these purposes, we’ll need to install the Android Studio IDE (Integrated Development Environment).

  • Module 3 : Android: Android Build Process

    Understanding how Android Studio compiles the code and resources into a working Android application will help you better understand how all the pieces fit together. This will also provide insight into the protection employed to guarantee the authenticity of applications and circumstances by which they can be rendered meaningless.

  • Module 4 : Android: Reversing APKs

    In this section, we’ll discuss the process of reversing Android applications. This is an important skill for anyone who wants to audit the security of third-party applications where the source code is unavailable.

  • Module 5 : Android: Device Rooting

    Rooting is a process by which one obtains “root” or system level access to an Android device. In this module you will learn why it can be important for our security tests but also which are the implications of rooting a device.

  • Module 6 : Android: Android Application Fundamentals

    In order to perform a thorough pentest on Android application you must know and master all its components. In this module you will study all the fundamental concepts and topics that you may encounter during your security test tasks

  • Module 7 : Android: Network Traffic

    Mobile devices are unique in how they use networks, being almost exclusively wireless and often bouncing between cellular and Wi-Fi networks. To lower cellular data traffic, some cellular carriers provide Wi-Fi hotspots for their customers. Bad guys know this and will often set up fake Wi-Fi networks, tricking the devices into connecting. In this module you will learn how to configure your environment in order to inspect and analyze network traffic.

  • Module 8 : Android: Device and Data Security

    How securely data is stored on mobile devices has become a hot topic lately. In fact, Insecure Data Storage is second most common vulnerability, according to the OWASP Mobile Top Ten.

  • Module 9 : Android: Tapjacking

    If you are familiar with Clickjacking in web applications, you’re already familiar with the basic concepts of Tapjacking. In a Tapjacking attack, a malicious application is launched and positions itself atop a victim application. In this module you will see some example of Tapjacking, but also how to properly develop an Application to solve this issue.

  • Module 10 : Android: Static Code Analysis

    Static Code Analysis is a process for programmatically examining application code on disk, rather than while it is running. There are numerous scientifically rigorous approaches to the problems of validating that code is free of errors. In this module you will learn how to perform security tests on Android application by using different static code analysis.

  • Module 11 : Android: Dynamic Code Analysis

    Dynamic Code Analysis is the process by which code is reviewed for vulnerabilities by actually executing some or all of the code. This execution could occur in a normal environment, virtualized environment or a debugger. This type of inspection also allows you to directly observe network requests, interactions with other applications and the results of any error conditions encountered.

Section: iOS

  • Module 1 : iOS: iOS Architecture

    To understand the iOS ecosystem, we need to realize that iOS operating system is based on Darwin OS, which was originally written by Apple in C, C++ and Objective-C. Darwin is also at the heart of OSX, and thus OS X and iOS share some common foundation.

  • Module 2 : iOS: Device Jailbreaking

    Jailbreaking is the process of actively circumventing/removing such restrictions and other security controls put in place by the operating system. This allows users to install unapproved apps (apps not signed by a certificate issued by Apple) and leverage more APIs, which are otherwise not accessible in normal scenarios.

  • Module 3 : iOS: Setting up a Testing Environment

    Before we proceed, it is important to understand a few fundamental concepts unique to apple ecosystem, and more precisely related to the iOS app development process. Apple provides simulators for different hardware and iOS versions.

  • Module 4 : iOS: iOS Build Process

    In this module you will learn how the iOS build process works and what are the differences between running an application on a device or the emulator.

  • Module 5 : iOS: Reversing iOS Apps

    There is an incentive for an attacker to examine and understand how the software works, so that they can then look for further weak spots or patch/manipulate those binaries to their advantage. In this module you will see which are the most used techniques and tools to successfully reverse iOS application.

  • Module 6 : iOS: iOS Application Fundamentals

    In order to perform a thorough pentest on iOS applications you must know and master all its components. In this module you will study how applications are composed and what each component is useful for.

  • Module 7 : iOS: iOS Testing Fundamentals

    In this module you will start running your security tests against iOS Applications. Depending on the target of your tests, you will learn different techniques and use multiple tools to reach your goal.

  • Module 8 : iOS: Network Traffic

    In this module you will learn how to configure your environment in order to inspect and analyze network traffic.

  • Module 9 : iOS: Device Administration

    iOS 6 and later versions, have a built in support for powerful device management capability with fine grain controls that allows an organization to control the corporate apple devices and data stored on it. In this module you will see which options organizations have to get clear visibility into all the active devices, ensure that the devices are in compliance, that the software running on these devices is up to date and much more.

  • Module 10 : iOS: Dynamic Analysis

    There is a certain class of applications, that has significant amount of client side logic built into it. Typical examples include word-processing software, image editors, games, utilities etc. In such cases, there is an incentive for attackers to be able to examine and understand how the software works, so that they can then look for further weak spots in the application or bypass restrictions that are applied locally.

Download PDF Syllabus


  • Basic knowledge of programming fundamentals.
  • Basic knowledge of programming languages such as Java and Objective-C/Swift.
  • OSX El Capitan and an iOS (version 8.3) device such as iPod, iPhone, iPad required for some of the iOS topics.
  • Basic security concepts such as : cryptography, reverse engineering, SQL injections and web tools such as Wireshark and OWASP ZAP (or Burp)

This training course is for...

  • Penetration testers
  • Forensers
  • Mobile App Developers
  • IT personnel


During the Mobile Application Security and Penetration Testing course you will have to deal with several guided labs and exercises that will help you to improve your mobile pentesting skills.

These labs are Android and iOS applications that you have to test in order to apply the techniques explained and reach the final goal. Depending on the lab you will be provided with the application installer or the source code of the application.

During your tests you will have to: Install, run and test each application, Find security issues, Develop a Proof-of-Concept (PoC) exploit for each issue found

Lab IDDescriptionCategory
Lab 1 StartingLab Android
Lab 2 Locating Secrets Android
Lab 3 Bypass Security Controls Android
Lab 4 Obfuscation Android
Lab 5 Outlook Android
Lab 6 UberCab Android
Lab 7 PinTester Android
Lab 8 PatchMe Android
Lab 9 Insecure External Storage Android
Lab 10 ReadExternalStorage (InsecureExternalStorage Exploit POC) Android
Lab 11 Tapjacking Android
Lab 12 GoatDroid Android
Lab 13 InjectMe Android
Lab 14 FileBrowser Android
Lab 15 FileBrowserExploit (FileBrowser Exploit POC) Android
Lab 16 NoteList Android
Lab 17 Leack Result Android
Lab 18 Vulnerable Receiver Android
Lab 19 Silly Service Android
Lab 20 WeakWallet Android
Lab 21 Starting Lab iOS
Lab 22 eLS_LogIn (Reverse Engineering Lab) iOS
Lab 23 eLS_LogIn (Dynamic Analysis Lab) iOS
Lab 24 eLS_LogIn2 iOS
Lab 25 Secure OTP generator iOS
Lab 26 SSL pinning iOS iOS


Get eMAPT Certification

eLearnSecurity's eMAPT (eLearnSecurity Mobile Application Penetration Tester) certification is the only certification that proves that you know Mobile Application Security and Penetration Testing in practice.

Learn more


  • Dimitrios Bougioukas
    Dimitrios Bougioukas

    Dimitrios Bougioukas is a Senior IT Security researcher and instructor at eLearnSecurity and holds a B.Sc. in Computer Science from the Athens University of Economics and Business. For the past 4 years, he has worked as a Business Information Security Engineer and Information Security Analyst for a major financial institution and as a penetration tester within EY's practice. Dimitrios specializes in advanced cyber threat simulation, threat intelligence and purple team tactics. He has been engaged on numerous penetration testing activities against critical infrastructure, web applications and mobile applications. In terms of research, Dimitrios has presented at information security conferences such as BSides and has received acknowledgements from security, telecom and other major companies for finding and reporting vulnerabilities in their web applications, in a responsible manner (IBM Trusteer, LG etc.). In the context of his professional career, his work led to international and regional information security awards in prestigious and highly competitive contests such as Retail Banker International Awards.

  • Anthony Trummer
    Anthony Trummer

    Tony is the Director of Security Engineering in Tinder and has 20 years IT experience, including network engineering/security, systems administration, consulting and application security. He is recognized in the Android Security Acknowledgements and numerous responsible disclosure programs, such as Microsoft, Yahoo, WordPress and Uber. He is also the creator and core contributor to QARK. Speaker/Presenter: DefCon, Wall of Sheep, Black Hat London, Black Hat USA, BSides Las Vegas, DeepSec, Hack-in-The-Box, AppSec California and AppSec USA.

  • Tushar Dalvi
    Tushar Dalvi

    Tushar is a security enthusiast, and currently works as a Senior Information Security Engineer at LinkedIn. He specializes in the area of application security, with a strong focus on vulnerability research and assessment of mobile applications. Previously, Tushar has worked as a security consultant at Foundstone Professional Services (McAfee) and as a Senior developer at ACI Worldwide.

  • Francesco Stillavato
    Francesco Stillavato

    His experience spans from web application secure coding to secure network design. He has contributed to the Joomla project as a Developer and has conducted a number of assessments as a freelance. Francesco Stillavato's research is now focused on Mobile Application Penetration Testing on Android and iOS. Publications: Francesco is the co-author of the Penetration testing course Professional, Mobile Application Security and Penetration Testing, Penetration Testing Student and author of all Hera Lab scenarios.

Enroll now and get access to all of our material and labs!

Go to top of page