Mobile Security Wiki

One Stop for Mobile Security Resources


Please click on above icons to navigate between Wikis.

Please use left sidebar to navigate between sections.                                   Updated on: 17-7-2018

Forensics Tools

Development Tools

Static Analysis Tools

Dynamic Analysis Tools

Reverse Engineering Tools

Hooking Tools

Obfuscators & Deobfuscators Tools

Online Analyzers

Android Testing Distributions

Android Vulnerable Apps

Android Security Apps

Application Security Framework

Android Malwares Related


Android Vulnerability List

Android Security Libraries

Best Practices


Book Year Author Link
Exploring Security Enhancements for Android 2015 William Confer, William Roberts Link
The Mobile Application Hacker's Handbook 2015 Dominic Chell, Tyrone Erasmus, Jon Lindsay, Shaun Colley, Ollie Whitehouse Link
Android Hacker's Handbook 2014 Joshua J. Drake, Zach Lanier, Collin Mulliner, Pau Oliva, Stephen A. Ridley, Georg Wicherski Link
Android Security Internals 2014 Nikolay Elenkov Link
Android Malware And Analysis 2014 Shane Hartman, Ken Dunham, Manu Quintans, Jose Andre Morales, Tim Strazzere Link
Learning Pentesting for Android 2014 Aditya Gupta Link
Android Security Cookbook 2013 Keith Makan, Scott-Alexander-Brown Link
Android Malware 2013 Xuxian Jiang, Yajin Zhou Link
Android Application Security Essentials 2013 Pragati Rai Link
Hacking Exposed Mobile Security Secrets & Solutions 2013 Neil Bergman, Mike Stanfield, Jason Rouse, Joel Scrambay, Sarath Geethakumar, Swapnil Deshmukh, John Steven, Mike Price, Scott Matsumoto Link
Android Security: Attacks and Defenses 2013 Anmol Misra, Abhishek Dubey Link
Mobile Phone Security and Forensics: A Practical Approach 2012 I.I. Androulidakis Link
Android Apps Security 2012 Sheran Gunasekera Link
Decompiling Android 2012 Godfrey Nolan Link
Mobile Application Security 2012 Himanshu Dwivedi, Chris Clark and David Thiel Link
XDA Developers' Android Hacker's Toolkit 2012 Jason Tyler, Will Verduzco Link
Android Forensics: Investigation, Analysis and Mobile Security for Google Android' 2011 Andrew Hoog Link
Application Security for the Android Platform: Processes, Permissions, and Other Safeguards 2011 Jeff Six Link
Embedded Java Security: Security for Mobile Devices 2010 Mourad Debbabi, Mohamed Saleh, Chamseddine Talhi and Sami Zhioua Link

Android Security Research Papers

Security Overview


Presentation Conference Year Author Link
Solving the Mobile Security Gap SaintCon 2015 Franke Martinez Link
Mobile Device Security in the Enterprise SaintCon 2015 Dmitry Dessiatnikov Link
Improving mobile security with forensics, app analysis and big data Android Security Symposium 2015 Andrew Hoog Link
Android security architecture Android Security Symposium 2015 Nikolay Elenkov Link
Lessons from the trenches: An inside look at Android security Android Security Symposium 2015 Nick Kralevich Link
Secure copy protection for mobile apps Android Security Symposium 2015 Nils T. Kannengiesser Link
Human factors in anonymous mobile communication Android Security Symposium 2015 Svenja Schröder Link
Continuous risk-aware multi-modal authentication Android Security Symposium 2015 Rainhard D. Findling and Muhammad Muaaz Link
Assessing Android applications using command-line fu Android Security Symposium 2015 Pau Oliva Fora Link
The quest for usable security Android Security Symposium 2015 N. Asokan Link
Android and trusted execution environments Android Security Symposium 2015 Jan-Erik Ekberg Link
An infestation of dragons: Exploring vulnerabilities in ... Android Security Symposium 2015 Josh Thomas and Charles Holmes Link
Secure elements for you and me: A model for programmable secure ... Android Security Symposium 2015 Alexandra Dmitrienko Link
Mobile threats incident handling Android Security Symposium 2015 Yonas Leguesse Link
How Google killed two-factor authentication Android Security Symposium 2015 Victor van der Veen Link
Mobile Application Reverse Engineering: Under the Hood Derbycon 2015 Drew Branch Billy McLaughlin Link
Unbillable: Exploiting Android In App Purchases Derbycon 2015 Alfredo Ramirez Link
The problems with JNI obfuscation in the Android Operating System Derbycon 2015 Rick Ramgattie Link
Offensive & Defensive Android Reverse Engineering Defcon 2015 Jon Sawyer, Tim Strazzere, Caleb Fenton Link
Fuzzing Android System Services by Binder Call to Escalate Privilege Blackhat USA 2015 Guang Gong Link
Fingerprints on Mobile Devices: Abusing and Leaking Blackhat USA 2015 Yulong Zhang & Tao Wei Link
Ah! Universal Android Rooting is Back Blackhat USA 2015 Wen Xu Link
Attacking Your Trusted Core: Exploiting Trustzone on Android Blackhat USA 2015 Di Shen Link
This is DeepERENT:Tracking App Behaviors with Phone for Evasive Android Malware Blackhat USA 2015 Y.Park & J.Choi Link
Mobile Point of Scam: Attacking the Square Reader Blackhat USA 2015 Alexandrea Mellen & John Moore & Artem Losev Link
Commercial Mobile Spyware - Detecting the Undetectable Blackhat USA 2015 Joshua Dalman & Valerie Hantke Link
Faux Disk Encryption: Realities of Secure Storage on Mobile Devices Blackhat USA 2015 Daniel Mayer & Drew Suarez Link
Stagefright: Scary Code in the Heart of Android Blackhat USA 2015 Joshua J. Drake Link
Android Security State of the Union Blackhat USA 2015 Adrian Ludwig Link
Is my app secure? Bsides Lisbon 2015 Cláudio André, Herman Duarte Link
The nightmare behind the cross platform mobile apps dream Blackhat Asia 2015 Marco Grassi, Sebastian Guerrero Link
DABid: The Powerful Interactive Android Debugger for Android Malware Analysis Blackhat Asia 2015 Link
Resurrecting The READ_LOGS Permission On Samsung Devices Blackhat Asia 2015 Ryan Johnson, Angelos Stavrou Link
We Can still Crack you Blackhat Asia 2015 Link
Relaying contactless EMV transactions with off-the-self hardware Blackhat Asia 2015 Link
Hiding behind ART Blackhat Asia 2015 Paul Sebanal Link
Watch you lookin’ at? Securi-Tay 2015 Jahmel Harris & Owen Evans Link
On Relaying NFC Payment Transactions using Android devices RootedCon 2015 Ricardo J. Rodríguez y & José Vila Link
Android: Back to the Future, Two or Too RootedCon 2015 Raúl Siles Link
Understanding IMSI Privacy BlackHat USA 2015 Ravishankar Borgaonkar & Swapnil Udar Link
Android FakeID Vulnerability Wwalkthrough BlackHat USA 2015 Jeff Forrista Link
Reflection On Trusting Trustzone BlackHat USA 2015 Dan Rosenberg Link
Researching Android Device Security With The Help Of A Droid Army BlackHat USA 2015 Joshua Drake Link
MyY Google Glass Sees Your Passwords! BlackHat USA 2015 Xinwen Fu & Qinggang Yue & Zhen Ling Link
Cellular Exploitation On A Global Scale: The Rise And Fall Of The Ccontrol Protocol BlackHat USA 2015 Mathew Solnik & Marc Blanchou Link
Android FakeId Vulnerability Blackhat 2014 Jeff Forristal Link
Mobile Analysis Kung Fu, Santoku Style RSA Conference 2014 Andrew Hoog & Sebastián Guerrero Link
Beginners Guide to Reverse Engineering Android Apps RSA Conference 2014 Pau Oliva Fora Link
Touchlogger on iOS and Android RSA Conference 2014 Neal Hindocha & Nathan McCauley Link
Predatory Hacking of Mobile: Real Demos RSA Conference 2014 Jeff Forristal Link
Reverse Engineering, Pentesting and Hardening of Android Apps DroidCon 2014 Marco Grassi Link
DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket NDSS 2014 Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon & Konrad Rieck Link
Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications NDSS 2014 Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna Link
AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications NDSS 2014 Mu Zhang, Heng Yin Link
SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps NDSS 2014 David Sounthiraraj, Justin Sahs, Zhiqiang Lin, Latifur Khan, Garrett Greenwood Link
AirBag: Boosting Smartphone Resistance to Malware Infection NDSS 2014 Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang Link
Pre-installed Android application poisoning AppSecAsiaPac 2014 Yoshitaka Kato Link
Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware EuroSec 2014 Thanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Sotiris Ioannidis, Michalis Polychronakis Link
Pentesting Android Applications Confraria Segurança PT 2014 Cláudio André Link
Tricks for image handling in Android DroidCon Berlin 2014 Tyrone Nicholas Link
Post-Mortem Memory Analysis of Cold-Booted Android Devices IMF 2014 Christian Hilgers, Holger Macht, Tilo Muller, Michael Spreitzenbarth Link
Execute this! Looking into code-loading techniques on Android Honeynet Project Workshop 2014 Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna Link
Exploiting the Bells and Whistles: Uncovering OEM Vulnerabilities in Android CarolinaCon 2014 Jake Valletta Link
Enter Sandbox: Android Sandbox Comparison MOBILE SECURITY TECHNOLOGIES 2014 Sebastian Neuner, Victor van der Veen, Martina Lindorfer, Markus Huber, Georg Merzdovnik, Martin Mulazzani and Edgar Weipp Link
A Systematic Security Evaluation of Android's Multi-User Framework MOBILE SECURITY TECHNOLOGIES 2014 Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang and Wenliang Du Link
Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture MOBILE SECURITY TECHNOLOGIES 2014 Xinyang Ge, Hayawardh Vijayakumar and Trent Jaeger Link
Android Packers:Separating from the pack Hacktivity 2014 Ruchna Nigam Link
ASM: A Programmable Interface for Extending Android Security 23rd USENIX Security Symposium 2014 Stephan Heuser, Adwait Nadkarni, William Enck, Ahmad-Reza Sadeghi Link
Peeking into Your App without Actually Seeing it: UI State Inference and Novel Android Attacks 23rd USENIX Security Symposium 2014 Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao Link
On the Feasibility of Automa3cally Generating Android Component Hijacking Exploits Hitcon 2014 Wu Daoyuan Link
Play Flappy Bird while you pentest Android in style Hitcon 2014 Chris Liu & Matthew Lionetti Link
Bypassing wifi pay-walls with Android RootedCon 2014 Pau Oliva Fora Link
A distributed approach to malware analysis BruCON 0x06 2014 Daan Raman Link
Enter The Snapdragon! Hacktivity 2014 Daniel Komaromy Link
Android Forensics: The Joys of JTAG Ruxcon 2014 tty0x80 Link
TACKYDROID: Pentesting Android Applications in Style HiTB KUL 2014 Chris Liu & Matthew Lionetti Link
Hide Android Applications in Images BlackHat Europe 2014 Axelle Apvrille & Ange Albertini Link
MAN IN THE BINDER: HE WHO CONTROLS IPC, CONTROLS THE DROID BlackHat Europe 2014 Nitay Artenstein & Idan Revivo Link
Mobile Hacking – Reverse Engineering the Android OS HackerHalted 2014 Tom Updegrove Link
Making Android's Bootable Recovery Work For You EkoParty 2014 Drew Suarez at EkoParty Link
An Infestation of Dragons: Exploring Vulnerabilities in the ARM TrustZone Architecture PacSec Japan 2014 Josh "m0nk" Thomas, Charles Holmes & Nathan Keltner Link
Hey, we catch you - dynamic analysis of Android applications PacSec Japan 2014 Wenjun Hu Link
Steroids for your App Security Assessment ZeroNights 2014 Marco Grassi Link
Racing with DROIDS ZeroNights 2014 Peter Hlavaty Link
Creating a kewl and simple Cheating Platform on Android DeepSec 2014 Milan Gabor & Danijel Grah Link
Dex Education 201: Anti-Emulation HitCon 2013 Tim Strazzere Link


Please click on above icons to navigate between Wikis.

Please use left sidebar to navigate between sections.                                  Last Updated on: 17-7-2018

Disassemblers Tools

iOS Forensic Tools

iOS Dynamic Analysis Tools

iOS Reverse Engineering Tools

iOS Tutorials and Guides

iOS Best Practices

iOS Books

Book Year Author Link
Hacking and Securing iOS Applications 2012 Jonathan Zdziarski Link
iOS App Reverse Engineering 2015 iOSRE - Website Link
iOS Application Security: The Definitive Guide for Hackers and Developers 2015 David Theil Link
iOS Hackers handbook 2012 Charlie Miller, Dion Blazakis, Dino Diazovi, Stefan Esser, Vincenzo Iozzo, Ralf-Philipp Weinmann Link
iPhone and iOS Forensics 2011 Andrew Hoog, Katie Strzempka Link
Learning iOS Forensics 2015 Mattia Epifani, Pasquale Stirparo Link
Learning iOS Pentesting 2016 Swaroop Yermalkar Link


Please click on above icons to navigate between Wikis.

Please use left sidebar to navigate between sections.                                  Last Updated on: 17-7-2018

Windows Tools

Windows Presentations

Presentation Conference Year Author Link
Inspection of Windows Phone applications BlackHat Abu Dhabi 2012 Dmitriy Evdokimov, Andrey Chasovskikh Link
(UPCOMING) The Windows Phone Freakshow Hack inthe Box 2015 Amsterdam 2015 Luca De Fulgentis Link
Windows Phone 8 application security Hack in Paris 2013 Andrey Chasovskikh, Dmitry Evdokimov LinkVideo

Windows Tutorials

Windows Whitepapers