Mobile application audits

Synetis offers an analysis of Android mobile applications. Here, the objective is to verify:
  • The security of user data
  • The security of the servers to which the servers are connected
  • During these audits, a decompilation of the APK is done in order to perform a static analysis. In addition, a dynamic analysis is carried out to verify the proper functioning of security mechanisms specific to Android.

    The first part of the Synetis methodology consists of a complete static analysis whose main goal is to disassemble the application in order to reveal implementation security weaknesses at the level of the application source code, secrets and sensitive information directly accessible in the configuration files.

    The second part of the audit consists of dynamic analysis, the aim of which is to test the behavior of the application with respect to the use of the application by an attacker, such as injection attempts to exploit vulnerabilities such as SQL Injection, Cross-Site Scripting and many others.

    Combined with these tests, vulnerability searches are also carried out on the backend of the servers communicating with the application via APIs and other means.

    Build your
    with Synetis!