ABOUT MOBILE APPLICATION PENETRATION TESTINGMobile applications work in a similar manner to web applications. They contain often-complex interfaces that allow users access to the same functionality available in web applications. We test mobile applications and look for common and not-so-common issues, such as: database injection, cross-site scripting, privilege escalation, and business logic issues. The way this attack scenario differs from web application testing is that we also conduct a device review to ensure your mobile application does not contain sensitive data in readable source code and that important data is not stored on the device in an unsafe way where it could be accessed by an attacker who is on the device but is not logged in to the application.
|
Regardless of attack scenario, Rarefied always tests for security issues in a safe manner. We use proofs of concept to illustrate and leverage the issues we discover without damaging real users or data.
If you wish to read further about our testing methodology, please click here.
If you wish to read further about our testing methodology, please click here.