We’ll consider the ways to get the MITM-position, conduct classical attacks on HTTPS in the browser (SSLStrip +).
We will learn to detect vulnerabilities of HTTPS-clients at the example of an Android application. We will also speak about mistakes in client-server communications.
For the workshop you will need:
- The laptop from which you will hack the application;
- The phone on which you will hack the applications.
Android part of the workshop will require phone with Android and such programs as bettercap, mitmproxy, openssl, adb and Android Studio (optional). It is recommended to use Kali Linux (can be live).