Mobile Security

Mobile Security is my focused research and learning area for Android and iOS application security.

This section will collect practical notes, labs, architecture review patterns, SAST/DAST workflows, threat modeling approaches, and mobile AppSec research.

Planned Areas

Android Security Testing

Static and dynamic analysis workflows, APK inspection, insecure storage checks, exported components, deep links, network security configuration, and runtime testing.

iOS Security Testing

IPA analysis, local storage review, keychain usage, jailbreak-aware testing, transport security, and runtime behavior analysis.

Mobile API Security

Authentication, authorization, session handling, token storage, rate limiting, backend trust assumptions, and API abuse cases in mobile ecosystems.

SAST and DAST Workflows

Tooling notes, repeatable testing pipelines, report templates, and practical workflows for mobile security assessments.

Mobile Architecture Review

Threat modeling, secure design review, data flow analysis, trust boundaries, and defense-in-depth patterns for mobile applications.


Detailed mobile security notes and labs are coming soon.