Adventures in Exploiting WebViews for Android Attacks

About this course

Many mobile apps use WebViews to load and display web content directly within the app. However, WebViews expand the threat vector and attackers can exploit them to steal user credentials or launch phishing campaigns.

NowSecure Senior Mobile Application Penetration Tester David Mockler will lead a hands-on tutorial on exploiting WebViews using the Frida dynamic instrumentation toolkit.

This session will cover the following:

How to analyze a common Android WebView implementation to pinpoint vulnerabilities
What common mobile pen testing tools you need to test the sample app
How to exploit WebViews performing URL redirect, cross-site scripting and code execution

Curriculum33 min

Adventures in Exploiting WebViews for Android Attacks 33 min
Course Feedback

About this course

NowSecure Senior Mobile Application Penetration Tester David Mockler will lead a hands-on tutorial on exploiting WebViews using the Frida dynamic instrumentation toolkit.

This session will cover the following:

How to analyze a common Android WebView implementation to pinpoint vulnerabilities
What common mobile pen testing tools you need to test the sample app
How to exploit WebViews performing URL redirect, cross-site scripting and code execution

Curriculum33 min

Adventures in Exploiting WebViews for Android Attacks 33 min
Course Feedback

Adventures in Exploiting WebViews for Android Attacks

Learn more about exploiting WebViews for attacks.

About this course

Curriculum33 min