Hacking Mobile Devices with Live Testing of Mobile Apps

Mobile devices such as smartphones and tablets are now used for making purchases, emails, social networking, and many other risky activities. These devices run specialized operating sysems that have many security problems one of which is the fact that many mobile apps don't properly implement SSL/TLS. In this workshop we will look at how to perform a man-in-the-middle attack using Wi-Fi and Ethernet to live test mobile applications. Any mobile app can easily be tested to see if the app can detect the attack. 

Set up:

If you want to set up your workstation before the event, please go to: If you have any questions about the set up, email us at 

What you need:

  • a laptop, preferably a Mac running OS X (Yosemite, El Capitan or other versions are acceptable)

  • any mobile device (iPhone, Androide) loaded with moible apps (recommended older versions of apps) 

  • Burpe Suite

Learning outcomes: 

  • participants will be able to live test mobile applications. 

  • using Burp Suite, participants will be able to see thier mobile device's Internet traffic and how fake certificates are signed

  • participants have an opportunity to create an audit and learn how to document their work

Speaker Bio: 

Sam Bowne is a CNIT/Cybersecurity Instructor at City College of San Francisco since 2000. He has given talks and hands-on workshops at DEFCON, HOPE, Diana Initiative, BayThreat, Pacific Hackers Con, CactusCon, RSA, B-SidesSF, B-SidesLV, and many other cons. He has a PhD, CISSP and a lot of very interesting T-shirts. Follow Sam on Twitter @sambowne. 

You may be asked to sign a Nondiscolure Agreement to protect the confidentiality of any research currently being conducted at City College of San Francisco. Please respect attendees and guest speaker's rights to privacy and from publication, unless express permission is granted by the individual, this includes images, comments, written communications, and hearsay. 


4:00 - 4:10 Registration
4:10 - 5:00 Presentation
5:00 - 5:30 Live testing
5:30 - 6:00 Q&A/Networking


What are my transportation/parking options for getting to and from the event?

Muni 29/49/54/K and BART - Balboa Park are located nearby.

Visitor parking is available on Phelan Avenue in the Student Parking Lot. See the map for more information. There is a fee to park in the Student Parking Lot. Street parking is free. For more info on parking on campus: CCSF Parking Info.

Parking Lot Map:

How can I contact the organizer with any questions?

Email us at