Supported Platforms

Android

SH1ELD Mobile is built for client side static analysis and completely automated dynamic analysis with integrated workflow mapping. It is capable of detecting both client-side and server-side flaws. So, for the price of mobile app analysis, SH1ELD will do complete mobile app analysis combined with API testing for the server side.

Some of the common vulnerabilities covered include:

SSL/TLS Implementation
Reverse Engineering
WebView configuration & implementation
Manifest problems
Android intent implementation
SQLite encryption & injection
App file storage permissions
Debug configuration
Debug code analysis
Cross Site Scripting(XSS) Flaws
Business Logic Issues
Memory Dump Analysis
Rooted Device Exploitation
Permission Analysis
Integrated Malware Scan
Activity / Service / Broadcast Hijacking
Session Handling and exploitation

SH1ELD Mobile will aid you to make your Android app secure by checking all possible endpoints in your app and verify it against the OWASP Mobile Top 10, PCI-DSS, HIPAA & our Custom end-to-end BB-MOB91 security checklist.

Our report will give you complete description of each vulnerability with proof of concept (POC) and remediation assistance. Our internal team is always at your disposal for patch assistance and is completely comfortable to communicate directly with your developer team itself to ensure complete transparency and quick patching.

With thorough analysis with static, dynamic and even manual analysis wherever required, SH1ELD Mobile will ensure that your android application and your API servers are both protected across all possible attack vectors.

For even more transparency, SH1ELD Mobile offers you to even host the testing virtual devices on your own servers, so that you can completely monitor and analyze each and every scan in progress.

iOS

Like Android SH1ELD Mobile does thorough client side static analysis and completely automated dynamic analysis for IOS too, also, with workflow mapping. Being Cost effective as well as thorough, it will do complete analysis across common mobile app flaws and also the IOS specific vulnerabilities.

Some of the common vulnerabilities covered include:

SSL/TLS Implementation
Reverse Engineering
Snapshot / Backgrounding exploitation
ASLR implementation
Cache smashing prevention
Local DB encryption & injection
Binary Analysis
Runtime Analysis
API testing
Cross Site Scripting(XSS) Flaws
Business Logic Issues
Memory Dump Analysis
JailBroken Device Exploitation
Protocol Overflows
Integrated Malware Scan
Common web-flaws like CSRF, SQLi, RCE etc.
Session Handling and exploitation

SH1ELD Mobile will aid you to make your IOS app secure by checking all possible endpoints in your app and verify it against the OWASP Mobile Top 10, PCI-DSS, HIPAA & our Custom end-to-end BB-MOB91 security checklist.

Our report will give you complete description of each vulnerability with proof of concept (POC) and remediation assistance. Our internal team is always at your disposal for patch assistance and is completely comfortable to communicate directly with your developer team itself to ensure complete transparency and quick patching.

With our special automated Runtime Analysis mechanisms we will ensure that all endpoint are covered and each API call is analyzed individually for technical and logical flaws

For even more transparency, SH1ELD Mobiles offers you to even host the testing virtual devices on your own servers, so that you can completely monitor and analyze each and every scan in progress.