Mind the Bridge - A New Attack Model for Hybrid Mobile Applications
Hack In The Box Security Conference via YouTube
Lead AI Strategy with UCSB's Agentic AI Program — Microsoft Certified
Power BI Fundamentals - Create visualizations and dashboards from scratch
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a groundbreaking attack model for hybrid mobile applications in this conference talk from the Hack In The Box Security Conference. Delve into the world of "Javascript bridges" and uncover a novel class of vulnerabilities in hybrid apps that combine web and native mobile app features. Learn about three vulnerability models that can lead to attacks, bypassing existing validation and restriction technologies. Gain insights into the embedded browser architecture and understand the root cause of these security risks. Discover a new automated tool for vetting hybrid apps and examine a practical mitigation measure called "RichInterface" implemented in a custom embedded browser. Evaluate the effectiveness and scalability of this solution through real-world app examples, presented by an experienced security researcher with expertise in browser and Android application security.
Syllabus
#HITB2021AMS D2T1 - Mind The Bridge: A New Attack Model For Hybird Mobile Applications - Ce Qin
Taught by
Hack In The Box Security Conference