Learning Center

NowSecure Updates

• Log4Shell and Its Impact on Mobile Security

Security Resources for Common Vulnerabilities

• Android Attributes
• App Transport Security (ATS) and Exemptions
• Cryptography
• Hard-coded Keys, Passwords and URLs
• Hostname Verification
• Certificate Validation
• HTTP Requests

NowSecure Academy

• NowSecure Academy

Secure Mobile Development Resources

• Intro to Mobile AppSec - Resources & Terminology
• Data Storage
• Authentication & Session Management
• Cryptography
• Certificate Pinning
• Code Quality
• Reverse Engineering Resilience

Mobile Developer Terminology

• Android Platform Glossary
• Android and Java Vocab Words

Ethical Hacking - Mobile Resources

• Open Source Software (OSS)
• Resources for Hacking

Blogs

• Sven Schleier's Brain Dump Blog (Mobile AppSec Tech Blog)
• A 3-Part Mobile App Security Testing Checklist to Build Your Program
• Mobile App Session Replay & Its Privacy Impact
• How to Spot a Fake Android App
• How to Protect Mobile Apps from MiTM Attacks
• Peering Inside the Mobile Attack Surface

See all 13 articles