Black Hat USA Registration Black Hat USA Registration Black Hat USA Briefings Black Hat USA Briefings Black Hat USA Training Black Hat USA Training Black Hat USA Schedule Black Hat USA Schedule Black Hat USA Sponsors Black Hat USA Sponsors Black Hat  USA Special Events Black Hat  USA Special Events Black Hat USA Venue Black Hat USA Venue

On This Page

Android Application Hacking – PenTesting Mobile Apps

Erez Metula, AppSec Labs | July 27-28 & 29-30



Ends May 31



Ends July 24



Ends July 30


This course will focus on the techniques and tools for testing the security of Android mobile applications. During this course the students will learn about important topics such as the Android Security model, the Android runtime, how to perform static analysis, traffic manipulation, memory dumps, debugging , code modification and dynamic analysis – from zero knowledge of the APK to full exploitation. Students of this course will learn how to operate and make the best of the AppUse custom VM for Android application penetration testing, from its own creators.

By taking this course you will be able to perform penetration testing on Android mobile applications and expose potential vulnerabilities in the tested application such as insecure storage, traffic manipulation, malicious intents, authentication and authorization problems, client side SQLi, bad cryptography, and more.

The objectives of the course are

Who Should Take This Course

Members of the security / software development team:


Before attending this course, students should be familiar with:

What Students Should Bring

Please make sure that each machine has:


Erez Metula is a world renowned application security expert, spending most of his time finding software vulnerabilities and teaching developers how they should avoid them. Erez has an extensive hands-on experience performing security assessments, code reviews and secure development trainings for worldwide organizations, and had previously talked at international security conferences such as BlackHat, Defcon, OWASP, RSA, SOURCE, CanSecWest and more. His latest research on Managed Code Rootkits, presented at major conferences throughout the world, was published recently as a book by Syngress publishing. He is the founder of AppSec Labs, where he focuses on advanced application security topics. Erez holds an MSc in computer science and he is CISSP.