Quick Look: ShadowOS - Modifying the Android OS for Mobile Application Testing

Most penetration testers know the headaches of testing mobile applications. Challenges like certificate pinning and wondering what files are being written to the device while the app is in use. Since Android is open source, you create your own custom OS that takes the guess work out of your assessment. By doing this, you can monitor HTTP/HTTPS traffic, SQL Lite queries, file access and more.

ShadowOS is a new, free tool from HP Fortify on Demand - stay tuned for more details to be announced the week of RSA Conference Asia Pacific & Japan 2015!



Ray Kelly Research and Innovation, HP Fortify On Demand

← View more Videos

This document was retrieved from on Sun, 23 Oct 2016 16:21:16 -0400.
© 2016 EMC Corporation. All rights reserved.