CypherCon 2023

Beginner’s Guide to Mobile Applications Penetration Testing

Whitney Phillips


In this talk, I introduce how to test mobile applications from an attacker perspective. I will discuss jail breaking software for both Android and iOS. I will also go over methods used to obtain both Android APKs and iOS IPAs. And I will finish the talk going over various tools used to perform testing.

Importance: I’m writing this talk because I believe mobile application testing is an area in security that could use more interest. I am doing this as a beginners level with a high level overview of the process I used at my job.

Whitney Phillips

Cybersecurity consultant supporting blue and purple team

Whitney is a Security Consultant with 10 years of experience ranging from support tech, blue and purple team, and the most recent transition to red team with a primary focus in Mobile Application Penetration testing. Whitney volunteers for the Michigan Cyber Civilian Corps (MiC3). Whitney’s passion for security started early on in college but truly progressed in her position of a mobile application penetration tester. Her time in that role helped developed a greater understanding of the importance of keeping applications secure which inspired a deeper passion for security.