Scientists have estimated by the year 2033 the entire solar system will be made up of mobile apps. Be prepared by mastering Frida, the mobile instrumentation (cough hacking) toolkit. Testing beyond traffic analysis can be extremely useful for any form of mobile pentest or bug bounty. In this talk we are going to cover getting up and running with Frida for hacking mobile applications. We will look at several of the built-in Frida tools, as well as some very helpful projects that utilize Frida. This will include being able to examine the live, running functionality of both iOS and Android apps to learn how they work, and hopefully how to alter they way they work. You will walk away with a new methodology for attacking mobile apps, and a lifelong friendship.

David is a family man that takes time out for Xbox, woodworking, and good whiskey. He forgets things due to years of rugby but is old enough to appreciate keeping notes in a paper notebook. After high school, Army service, and dropping out of college, David got a job as a web developer. Since then, his work has taken him through positions in the DoD, IC, USSOCOM, the VA, and now as an Application Pentester. David enjoys dissecting software and helping developers better understand how to create resilient applications. You can find him speaking at conferences or rambling about meaningless junk on Twitter.

@dacoursey

Back to Derbycon 2018 video list