D9 · PenTest+

What is mobile application security testing?

Mobile app testing covers SSL/certificate pinning bypass (Frida), binary analysis (jadx for APK, Hopper for IPA), sensitive data storage (cleartext in SharedPrefs/Keychain), insecure network communications, and API analysis via proxy.
Android: decompile the APK with jadx. iOS: jailbreak for filesystem access. Frida hooks app functions at runtime, which bypasses certificate pinning so HTTPS traffic can be intercepted. OWASP MSTG (Mobile Security Testing Guide) is the comprehensive reference. Check for hardcoded credentials, insecure data storage, and excessive permissions.