What You Will Learn Gain an in-depth understanding of Android and iOS architecture and the latest changes Discover how to work with different tool suites to assess any application Develop different strategies and techniques to connect to a mobile device Create a foundation for mobile application security principles Grasp techniques to attack different components of an Android device and the different functionalities of an iOS device Get to know secure development strategies for both iOS and Android applications Gain an understanding of threat modeling mobile applications Get an in-depth understanding of both Android and iOS implementation vulnerabilities and how to provide counter-measures while developing a mobile app Book Description Mobile security has come a long way over the last few years. It has transitioned from "should it be done?" to "it must be done!"Alongside the growing number of devises and applications, there is also a growth in the volume of Personally identifiable information (PII), Financial Data, and much more. This data needs to be secured. This is why Pen-testing is so important to modern application developers. You need to know how to secure user data, and find vulnerabilities and loopholes in your application that might lead to security breaches. This book gives you the necessary skills to security test your mobile applications as a beginner, developer, or security practitioner. You'll start by discovering the internal components of an Android and an iOS application. Moving ahead, you'll understand the inter-process working of these applications. Then you'll set up a test environment for this application using various tools to identify the loopholes and vulnerabilities in the structure of the applications. Finally, after collecting all information about these security loop holes, we'll start securing our applications from these threats. Authors Vijay Kumar Velu Vijay Kumar Velu is a passionate information security practitioner, speaker, and blogger, currently working as a cyber security technical manager at one of the Big4 consultancies based in India. He has more than 10 years of IT industry experience, is a licensed penetration tester, and has specialized in providing technical solutions to a variety of cyber problems, ranging from simple security configuration reviews to cyber threat intelligence. Vijay holds multiple security qualifications including Certified Ethical Hacker, EC-council Certified Security Analyst, and Computer Hacking Forensics Investigator. He loves hands-on technological challenges. Vijay was invited to speak at the National Cyber Security Summit (NCSS), Indian Cyber Conference (InCyCon), Open Cloud Conference, and Ethical Hacking Conference held in India, and he has also delivered multiple guest lectures and training on the importance of information security at various business schools in India. He also recently reviewed Learning Android Forensics, Packt Publishing. For the information security community, Vijay serves as the director of the Bangalore chapter of the Cloud Security Alliance (CSA) and chair member of the National Cyber Defence and Research Center (NCDRC). Table of Contents