AppSecUSA 2015: QARK: Android App Exploit and SCA Tool

AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/

Back To Schedule

QARK: Android App Exploit and SCA Tool

Ever wonder why there isn't a metasploit-style framework for Android apps? We did!

Whether you're a developer trying to protect your insecure app from winding up on user devices, an Android n00b or a pentester trying to pwn all the things, QARK is just what you've been looking for!

This tool combines Static Code Analysis with source-sink mapping, teaching by detailing misconfigurations, citing research detailing the issues and automatic exploitation into one, simple to use application!

Our tool will review any Android app, either from source or APK, highlight version specific issues, detail your app's attack surface, inspect all your app components for misconfigurations and allow you to create on-demand proof-of-concept attack applications.

Speakers

Tushar Dalvi

Senior Information Security Engineer, Vulnerability Research & Assessment, LinkedIn

Tushar loves breaking web applications and ceramic bowls. Tushar Dalvi is a security enthusiast, a pool hustler and currently works as a Senior Information Security Engineer at LinkedIn. He specializes in the area of application security, with a strong focus on vulnerability research... Read More →

Tony Trummer

Staff Information Security Engineer, LinkedIn

I am a security enthusiast and passionate about Android security in particular. You can talk to me about anything from skateboarding to cosmology.

Thursday September 24, 2015 2:00pm - 2:55pm PDT
Room A

Topic: Mobile

Tags Day3and4

AppSecUSA 2015

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tushar Dalvi

Tony Trummer