MOBILE APPLICATION PENETRATION TESTING
Hardly any market is growing faster than mobile applications. This service covers all threat vectors concerning mobile apps. The audits contain application runtime analysis, traffic & encryption flaws, insecure storage, code signing, memory protections, fuzzing and exploitation. We will test your Android and iPhone mobile applications to make sure they cannot be compromised. We also can include backend servers and APIs in the testing.
Mobile App Penetration Tests against
Apple iOS applications
Google Android applications
Backend servers
APIs
Communication channels
Flaws we often find in a Mobile App Penetration Test
User input not sanitised
Clear text transmission of confidential information to server
Possibility to introduce own code
Manipulation of execution flow
Deliverables
Full report (executive summary and in-depth technical report)
Testing only at agreed testing times (i.e. at nights, weekends etc.)
Mitigation advice on encountered vulnerabilities
Never running malicious exploits or DDoS tests unless agreed by client
Instant notification of critical vulnerabilities found during testing phase
Secure report delivery by encrypted email
Download Flyer and Sample Reports
References and Certifications
If you would like to speak to one of our existing customers, we are happy to arrange that. Please note that a lot of customers wish to remain anonymous and not to serve as a reference due to the sensitivity of the work we perform. Naturally we always comply with our customers. We do however have some clients who are happy to serve as references. Should you require validation of our consultant’s certifications, we can arrange that as well.