Hackfest 2023 - Back to the Future

Gabrielle Botbol

Gabrielle Botbol is a Pentester at Desjardins, the largest financial cooperative in North america. With a deep focus on the banking industry, Gabrielle specializes in exploring mobile applications and API.
Gabrielle is an avid blog writer who advocates for access to education for all. In addition, she has a large following on social media, where she shares many educational resources about technical training and many other cyber topics.
She actively contributes to various organizations as a member of their Advisory Board, such as APIsec University. She is a speaker and trainer at global events and prestigious universities, like Blackhat, APIsecure, Apidays, Bsides, Owasp, Cuny University, Toronto University…
With her contributions to the community, Gabrielle has been the recipient of multiple prestigious awards. Among them, she was honored as one of the Top 20 women in cybersecurity in Canada, Pentest Ninja at WSCJ, Educator of the Year at AYA, Top Influencer in Cybersecurity by IFSEC Global, and Woman Hacker of the Year by CSWY.


Your pronouns

She/Her

Which country are you from?

Canada


Session

10-13
13:30
50min
Android Application and APIs hacking
Gabrielle Botbol

As mobile devices have become increasingly prevalent, the security of Android applications has become a critical concern.
Pentesting is an essential process for identifying and mitigating potential vulnerabilities in these applications, but Android app hacking is a specialized area that is less well-documented than other pentesting techniques.
In this session, the focus will be on how to pentest Android apps and their APIs.

The presentation will address key questions such as what Android pentesting is, how to set up an Android App pentest lab, and how to pentest an Android App and its APIs from start to finish.

Participants will leave the session with tips and resources for learning, practicing, and setting up a complete set of tools for Android application pentesting, including detailed examples on a purposefully vulnerable application.
The goal is to equip attendees with the knowledge and skills necessary to conduct thorough and effective pentests of Android applications.

Offensive
Track #1