The purpose is to provide attackers and defenders the ability to test their mobile environments to identify design weaknesses and vulnerabilities.
The Mobi Sec Live Environment provides a single environment for testers to leverage the best of all available open source mobile testing tools, as well as the ability to install additional tools and platforms, that will aid the penetration tester through the testing process as the environment is structured and organized based on an industry‐proven testing framework.
If you are interested, please contact one of the project leads or feel free to visit the mailing list as well!
Project Email List Jonathan Carter @ Milan Singh Thakur @ Mike Zusman @ Tony De La Grange @ Sarath Geethakumar @ Tom Eston @ Don Williams Jason Haddix @ Zach Lanier @ Ludovic Petit @ Swapnil Deshmukh @ Beau Woods @ David Martin Aaron @ Luca De Fulgentis @ Andrew Pannell @ Stephanie V @ Please visit the project page for current information.
The i MAS intent is to protect i OS applications and data beyond the Apple provided security model and reduce the adversary’s ability and efficiency to perform recon, exploitation, control and execution on i OS mobile applications.
i MAS will transform the effectiveness of the existing i OS security model across major vulnerability areas including the System Passcode, jailbreak, debugger / run-time, flash storage, and the system keychain.
As such, i Goat is a safe environment where i OS developers can learn about the major security pitfalls they face as well as how to avoid them.
Based on feedback, we have released a Mobile Top Ten 2016 list following a similar approach of collecting data, grouping the data in logical and consistent ways. i MAS is a collaborative research project from the MITRE Corporation focused on open source i OS security controls.
Today, i OS meets the enterprise security needs of customers, however many security experts cite critical vulnerabilities and have demonstrated exploits, which pushes enterprises to augment i OS deployments with commercial solutions.
It is made up of a series of lessons that each teach a single (but vital) security lesson.
The lessons are laid out in the following steps: Step 4 is optional, but highly recommended for all i OS developers.
So the top ten categories are now more focused on Mobile application rather than Server.