Cyber Life Podcast Ep. 28 - Mobile Application Security with Nabeela Bukhari

CYBER LIFE

Jan 24, 2024•26 min

--:--

Listen in podcast apps:

Listen to this episode in Metacast mobile app

Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

In this episode, I speak with Nabeela Bukhari about mobile application security. Be sure to check out the resources linked below.

Nabeela is a senior security engineer primarily focused on app security and mobile app security. She holds a degree in Electronics Engineering and several certifications. Nabeela is also a volunteer with BBWIC and helps mentor women in their cybersecurity careers around the world.

Resources shared on the podcast:

https://mas.owasp.org/MASTG/ - MSTG Guide

https://owasp.org/www-project-mobile-top-10/ - OWASP TOP 10 Mobile

https://github.com/MobSF/Mobile-Security-Framework-MobSF- MOBSF

Tools:

Frida- https://frida.re/

Objection- https://github.com/sensepost/objection/wiki/components

Drozer- https://github.com/WithSecureLabs/drozer

JADX-Gui- https://github.com/skylot/jadx

Vulnerable Android apps for learning:

InjuredAndroid

https://github.com/B3nac/InjuredAndroid

Walkthrough Video: https://www.youtube.com/watch?v=PMKnPaGWxtg

Google Play Link: https://play.google.com/store/apps/details?id=b3nac.injuredandroid

Android AppSec

CTF site: ctf.hpandro.raviramesh.info

Walkthrough Video:https://www.youtube.com/c/AndroidAppSec

Google Play Link: https://play.google.com/store/apps/details?id=com.hpandro.androidsecurity

Damn Vulnerable Bank

Link: https://github.com/rewanthtammana/Damn-Vulnerable-Bank

Walkthrough Video: https://rewanthtammana.com/damn-vulnerable-bank/

Insecure Shop

Link: https://github.com/optiv/InsecureShop/releases/download/v1.0/InsecureShop.apk

GitHub: https://github.com/optiv/InsecureShop

Walkthrough Video: https://docs.insecureshopapp.com/

AndroGoat

Link: https://github.com/satishpatnayak/MyTest/blob/master/AndroGoat.apk

GitHub: https://github.com/satishpatnayak/AndroGoat

Walkthrough Video: https://medium.com/androgoat

Crackmes

Link: https://github.com/satishpatnayak/MyTest/blob/master/AndroGoat.apk

GitHub: https://github.com/OWASP/owasp-mstg/tree/master/Crackmes/Android

Walkthrough: https://github.com/OWASP/owasp-mstg/tree/master/Crackmes

InsecureBank

Link: https://github.com/dineshshetty/Android-InsecureBankv2/raw/master/InsecureBankv2.apk

GitHub: https://github.com/dineshshetty/Android-InsecureBankv2

Oversecured Vulnerable Android App

GitHub: https://github.com/oversecured/ovaa

Blog: https://blog.oversecured.com/

DIVA Android

GitHub: https://github.com/payatu/diva-android

Walkthrough: http://www.payatu.com/damn-insecure-and-vulnerable-app/

MSTG Hacking Playground

GitHub links: https://github.com/OWASP/MSTG-Hacking-Playground

https://github.com/OWASP/MSTG-Hacking-Playground/tree/master/Android/MSTG-Android-Java-App

https://github.com/OWASP/MSTG-Hacking-Playground/tree/master/Android/MSTG-Android-Kotlin-App

Ask me a Question Here: https://topmate.io/ken_underhill

Get better at job interviews and build your confidence with this short course.

https://cyberken23.gumroad.com/l/jbilol/youtube20

If you need cybersecurity training, here are some good resources. Please note that I earn a small affiliate commission if you sign up through these links for the training.

Learn Ethical Hacking skills https://get.haikuinc.io/crk0rg6li6qd

Get Ethical Hacking skills, SOC Analyst skills, and more through StationX.

https://www.stationx.net/cyberlife

Support this podcast at — https://redcircle.com/cyber-life/donations

For the best experience, listen in Metacast app for iOS or Android

Open in Metacast