Contact Us
Contact Us
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Mobile Penetration Testing

Ensuring the safety and security of user data is paramount to running any mobile applications. Our tailored approach checks for flaws or exploits that could lead to your data being compromised. These services are designed to identify potential threats and vulnerabilities before it’s too late.

Find out more
Get a FREE 30 min consultation

Are you happy for Defendza to keep you informed on the latest developments in cyber security (attack reports, guidance, DIY articles)? Of course you can unsubscribe at any time. Please see our privacy policy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Portfolio

Why do you need Mobile Penetration Testing ?

We store a lot of information on mobile devices using applications. Leakage of this information could cause serious damage to the user of the mobile device. An insecure application could provide backdoor access to the sensitive data or compromise of the entire device itself. 

Mobile penetration testing of your applications prior to going live will help reduce your risk of data breach by identifying and eliminating critical security vulnerabilities across your ecosystem.

We have a dedicated security assessments FAQ section. Read it here.

Threats to mobile application

Using Components With Known Vulnerabilities

Applications are using pre-existing components because of tight deadline requirements or even because of fast turnaround requirement. Vulnerable components can be widespread within an organization due to lack of code maintenance or update. This can lead to running out of date and unpatched software designed to fix any previous flaws. 

Unpatched known vulnerabilities are a serious risk and hackers rush to develop exploits before users of these vulnerable components have time to patch their applications. 

Insecure deserialization

Insecure Deserialization occurs when untrusted data is used to abuse the logic of an application, inflict a denial of service (DoS) attack, or even execute arbitrary code upon it being deserialized.

Injecting hostile serialized objects into a web app to initialize unauthorized deserialization can effectively get a web application to run a malicious script or program that will allow the attacker to gain access to the webserver, or cause damage to it and the web applications and services that are hosted on the platform.

Cross-Site Scripting

Cross-site scripting (XSS) vulnerability target scripts embedded in a page that are executed on the client-side rather than on the server-side. An XSS attack involves a threat actor injecting malicious JavaScript into the vulnerable web page. When the victim visits this page, the injected code is executed. OWASP outlines three different forms of XSS vulnerabilities that can affect applications: Reflected XSS, Stored XSS and DOM XSS.

Security Misconfiguration

Security misconfiguration is a broad category and is one of the common vulnerabilities found in applications. The misconfiguration could be due to lack of error configuration, default sample apps / modules left behind in the production environment, no web server hardening supporting the main application or even vulnerable code used on the website itself.

Security misconfiguration is nothing but incorrectly assembling the safeguards of the web application. Such risks occur when holes are left open in the framework by the developers, DBAs or the administrator. 

Broken Access Control

Broken access control occurs when users can perform functions above their levels or gain access to other users’ information. This vulnerability could trivially lead to unauthorized information disclosure, modification or destruction of all data, or performing a business function outside of the limits of the user. 

XML External Entity

An Extensible Markup Language (XML) processor is vulnerable to to XML External Entity (XXE) attack because of the way it processes the input having a reference to an external entity. The attacks can reveal local files having sensitive data such as username, passwords and configuration files by utilising relative paths or schemes in the system identifier.

A threat actor can use the trusted application to hinge at other internal systems, probably showing other confidential content; by starting a CSRF attack for any of the insecure internal services or through HTTP(S) requests

Sensitive Data Exposure

Sensitive data exposure is one of the most dangerous threats to any application because of the damage it can do to the business following a data breach. This data exposure occurs when an application does not adequately protect sensitive information such as passwords, payment details or health data. With this information, a threat actor can make fraudulent purchases, access a victim’s personal accounts, or even personal blackmail.

Broken Authentication and Session Management

Broken Authentication and Session Management attacks are conducted with an intention to get sensitive information from an application including (but not limited to) passwords, user account information and account IDs. These kinds of flaws can be serious in web applications and can put businesses at a high risk. Not only can they expose confidential data, but they can also open back doors into the company which can be exploited by threat actors. Both internal and external attackers can take advantage of these flaws to steal accounts from others and impersonate users.

Injection Flaws

Injection flaws, such as SQL injection, LDAP injection, and CRLF injection, occur when a threat actor sends untrusted data to an interpreter that is executed as a command without proper authorization. Injection flaws are easy to discover when examining the source code of the application. Scanners and fuzzers can help a threat actor find injection flaws trivially.

Injection can cause data loss, corruption or disclosure of sensitive information to unauthorized parties, loss of accountability, or denial of access. Injection can sometimes lead to complete host takeover. The business impact depends on the needs of the application and data.

In-Depth Mobile Penetration Testing.
Call Us Now

Our Methodology

We base our mobile application assessment offerings on an extensive methodology that we have developed after years of experience working across several sectors. A cybersecurity consultancy must follow an approach that delivers expected returns on your investment. At a high level, our approach to mobile application security assessments is:

Step. 1
Scoping and Customer Insight

When you decide to give us the go-ahead, our very first step is to gain insight into your motivation, so that we can advise on your real concerns. The comprehensive process we go through to understand this determines the vision for the project. At the technical level, this includes assets to be included, their fragility and importance to the environment. 

01

Step. 2
Planning

Based on the response received from the reconnaissance phase, the target list is prioritised. The priority would be based on "low-hanging" fruit that could aid in gaining a foothold within the network trivially. 

02

Step. 3
Threat Modeling

This phase helps to evaluate the threats affecting the web application under the scope. The types of attacks and likelihood of these threats materializing will serve as a basis for risk ratings / priorities assigned to the vulnerabilities during the assessment. Gaining insight into the threats identified, will provide a direction to this testing.

03

Step. 4
OWASP Mobile top 10

Our consultants would focus on the top 10 categories of attacks defined by the industry-standard OWASP. This includes:

  • Improper platform usage
  • Insecure data storage
  • Insecure communication
  • Insecure authentication
  • Insufficient cryptography
  • Insecure authorisation
  • Client code quality
  • Code Tampering
  • Reverse Engineering
  • Extraneous functionality

04

Step. 5
Web Server Analysis

Web server hosting of the application is also considered a vital component during this testing. A weakness in supporting infrastructure including the configuration of the webserver could lead to a slight compromise of the application hosted on it. 

05

Step. 6
API Analysis

Modern applications (including mobile) rely on API's for their features / functionalities. Once the API endpoints are identified - during network as well as static analysis - these would be further assessed. Weak API endpoints could lead to trivial functionality bypass or sometimes, potential denial of service scenarios.

06

Step. 7
Local file / storage analysis

Following the initial run, the app would create several files / data which would be stored in the app folder on the device. These files would be analysed to understand the storage mechanism. This analysis would reveal if any app sensitive data including session tokens, passwords are stored in clear text on the device itself.

07

Step. 8
Thorough Analysis and Reporting

Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.

08

Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company