Ajin Abraham

Senior Application Security Engineer - Chime Financial

Ajin Abraham is a Security Engineer with 9+ years of experience in Application Security, Research and Engineering. He is passionate about building and maintaining open source security tools and communities. Some of his contributions to the hacker's arsenal include Mobile Security Framework (MobSF), nodejsscan, OWASP Xenotix, etc. His areas of interest include runtime security instrumentation, offensive security, web and mobile application security, code and architectural reviews, cloud-native runtime security, security tool development, security automation, breaking and fixing security products, reverse engineering, and exploit development.

Presentation Abstract

Android and iOS application security with MobSF

Mobile Security Framework (MobSF) is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario-based test/fuzz cases against the application.

This talk covers:

  • Using MobSF for static analysis of mobile applications.

  • Interactive dynamic security assessment of Android and iOS applications.

  • Solving mobile app CTF challenges.

  • Reverse engineering and runtime analysis of mobile malware.

  • How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.