BruCON Agnitio workshop Slides and Video Demonstration - Download

Workshop by David Rook (Security Ninja) at BruCON 2011 in Belgium. You can download the slides from here.

Required for the Agnitio hands-on demos:

- A 32-bit Windows operating system (XP or 7 preferably – VM will be fine)
- .NET Framework 3.5 installed
- Agnitio v2.0 installed
- Download the Pandemobium Android and iOS source code
- Download the selected vulnerable open source application

Optional

In addition to the list above, the following things are optional depending on how hands-on you want to be:

- Internet connection to download an application from the Android market place
- Eclipse IDE installed
- Android SDK installed
- Android Debug Bridge (adb) installed; this should be installed as part of the SDK install
- An AVD configured with the Android market place app installed (instructions here)
- I think you can also use a rooted Android device if you don’t want to use the emulator

Workshop format

- A quick look at static analysis and the strengths and weaknesses of humans and software
- What is Agnitio and why do I think checklists are a vital component of security code reviews
- Some examples of what can go wrong if you don’t use checklists to find and remove simple flaws
- Demos/hands-on: using checklists in Agnitio to review source code, produce reports and metrics
- Demos/hands-on: how to customise your Agnitio installation
- A look at mobile (Android and iOS) application security and how analysis is currently done
- Demo/hands-on: using the mobile-specific rule sets in the Agnitio static analysis module
- Demo/hands-on: downloading an app from the marketplace and decompiling it using Agnitio