Mobile Application Penetration Test

Mobile applications introduce some unique security challenges.

Penetration testing for mobile apps must therefore identify vulnerabilities unique to applications developed for mobile devices. We examine the various interfaces between the user and the mobile application, and the application components themselves.

The objective is to assess the security of the data in transit and at rest, to determine the potential for an attacker to manipulate the mobile application through client or server side interaction.

The assessment finds vulnerabilities both as registered and anonymous user types. This type of testing has a high manual component (80%), and test consultants build custom test cases to discover contextual security vulnerabilities, specific to the application.

Key Benefits


  • Demonstrate to users and stakeholders a commitment to keeping their data safe
  • Reduce the risk of your sensitive data or source code being stolen
  • Keep your iOS and Android applications safe and up-to-date through regular testing
  • Recognise previously undiscovered security issues at the device, API and back-end server infrastructure levels
  • Save time and money by focusing your attention on fixing the most critical vulnerabilities first

Our Mobile Application Penetration Test Approach


1. Understanding the application

Good mobile application penetration testing requires a thorough and deep understanding of the application.

Our team examines the actual application for both iOS and Android, along with user guides and manuals, and where required reviews it with the development team.

2. Static/dynamic code review

If the source code of the application is available, we perform a source code review to identify any security issues within the code.

If the source code is not available for review, we begin the test with a reverse engineering exercise to uncover any issues with key areas of the software, such as input validation or authentication.

3. Local storage analysis

Mobile applications typically store data locally. Access to this data may allow an attacker to bypass certain security mechanisms in the application.

We recover and analyse any files used by the app to uncover any identifiable sensitive information.
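As an added illustration of the local storage analysis step (example code written for this page, not a tool of the testing company), the script below parses a constructed Android SharedPreferences file of the kind an app writes under its private data directory and flags entries whose key names or values suggest sensitive data: credential-like key names, values shaped like a JWT, and long high-entropy strings that may be keys or tokens. The file contents, key list and thresholds are all assumptions chosen for the example.

```python
import math
import re
import xml.etree.ElementTree as ET

# Constructed sample SharedPreferences file; every value here is made up.
SAMPLE_SHARED_PREFS = """<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice</string>
    <string name="password">Summer2024!</string>
    <string name="auth_token">eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0In0.abcDEFghiJKLmnoPQRstuVWXyz0123456789abcdefg</string>
    <boolean name="dark_mode" value="true" />
    <string name="last_screen">home</string>
</map>
"""

# Key-name fragments that indicate sensitive data regardless of the value
# (assumed list; extend it per application).
SENSITIVE_KEY_RE = re.compile(r"(passw|secret|token|api[_-]?key|credential)", re.I)
# A JWT is three base64url segments joined by dots.
JWT_RE = re.compile(r"^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$")
# Assumed thresholds for "looks like a random key or token".
MIN_SECRET_LEN = 20
MIN_SECRET_ENTROPY = 4.0


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for an empty string)."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def parse_shared_prefs(xml_text: str) -> dict:
    """Return {key: value} for a SharedPreferences XML document.

    <string> elements carry the value as text; primitive types
    (<boolean>, <int>, <long>, <float>) carry it in a value attribute.
    """
    root = ET.fromstring(xml_text)
    entries = {}
    for el in root:
        name = el.get("name")
        entries[name] = el.text if el.tag == "string" else el.get("value")
    return entries


def find_sensitive_entries(entries: dict) -> list:
    """Return [(key, [reasons])] for entries that merit manual review."""
    findings = []
    for key, value in entries.items():
        value = value or ""
        reasons = []
        if SENSITIVE_KEY_RE.search(key):
            reasons.append("sensitive key name")
        if JWT_RE.match(value):
            reasons.append("value looks like a JWT")
        elif len(value) >= MIN_SECRET_LEN and shannon_entropy(value) > MIN_SECRET_ENTROPY:
            reasons.append("high-entropy value")
        if reasons:
            findings.append((key, reasons))
    return findings


if __name__ == "__main__":
    for key, reasons in find_sensitive_entries(parse_shared_prefs(SAMPLE_SHARED_PREFS)):
        print(f"{key}: {', '.join(reasons)}")
```

Each hit is a lead for manual review rather than a finding on its own: the tester still has to confirm what the value is, whether it is protected by the platform keystore or stored in clear, and how long it remains valid.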

4. Intercept & Proxy traffic

Mobile applications connect to the back-end server to manage authentication, access control and other security measures.

In order to analyse the network communications in detail we set up a proxy between the mobile application and the back-end server.

We then combine automated tools and manual testing techniques to achieve an in-depth investigation of the application.

5. Reporting

A detailed report is prepared, providing the results of the tests. Each vulnerability identified is included with a description, a risk rating, enumeration and vulnerability details, and any applicable identifiers such as CVE IDs or Bugtraq IDs. Most importantly, we provide clear recommendations for mitigation.

What happens next

We'll schedule a preliminary phone call to learn about your challenges

You'll outline your needs and highlight any relevant applications in a scoping questionnaire

We'll review the results and send a detailed proposal outlining the service and pricing

You'll let us know when to proceed

We'll schedule a convenient start date and begin gathering the required technical information in advance


Our Accreditations

CREST STAR, Cyber Essentials Certification, G-Cloud Supplier

Frequently Asked Questions


Are the security challenges different in a mobile app than a web app?

Yes. A mobile app places code on the client device, where it can be exposed to attack in many ways. Users may install unsecured apps that share the device with your application.

Your mobile application will be potentially exposed to ‘jailbroken’ or rooted mobile devices (compromised or hacked mobile devices), which may allow hackers to reverse engineer source code and/or access local sensitive data stored by your application.

What are the typical threats faced by mobile applications?

Your mobile application resides on a device outside your secure infrastructure – the user's handset or tablet. This means that you have little or no control of that device and other applications that run alongside your application.

  • A user may unwittingly install a malicious application which may gain access to your application data
  • A user may willingly hack the phone, to reverse engineer your application
  • As mobile devices often connect to networks via Wi-Fi, the interaction of your mobile application with the server may be subject to network sniffing and man-in-the-middle attacks

What vulnerabilities can we expect during this testing?

Based on our experience of testing hundreds of mobile applications, we have seen a high incidence of issues related to mobile application client security, including insecure local data storage and hardcoded passwords.

We have also observed a high incidence of authentication and authorisation issues, where security controls implemented at the mobile client are easily bypassed to access privileged functions on the back-end application.
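To show the authorisation pattern behind this finding, here is an added example (written for this page, not code from the testing company or any client) of a back-end handler in two forms. The vulnerable form trusts an `is_admin` flag that the mobile client sends, so a modified app or an intercepted request can reach the privileged action; the hardened form derives role from a server-side session record looked up by the session token and ignores anything the client claims about itself. The session store, request shape and handler names are assumptions for the example.

```python
# Constructed in-memory session store standing in for the back-end's real one.
SESSIONS = {
    "sess-user-1": {"user_id": 1, "role": "user"},
    "sess-admin-9": {"user_id": 9, "role": "admin"},
}


class Forbidden(Exception):
    """Raised when the caller is not allowed to perform the action."""


def vulnerable_delete_account(request: dict) -> str:
    """Vulnerable form: the client-side control is the only control.

    The app only shows the delete button to admins and sends is_admin=True
    alongside the request, and the server believes it. Anyone who can edit
    the request body bypasses the check.
    """
    if not request.get("is_admin"):
        raise Forbidden("admin only")
    return f"deleted account {request['target_id']}"


def hardened_delete_account(request: dict) -> str:
    """Hardened form: identity and role come from the server's own session
    record, keyed by the session token; nothing in the body is trusted."""
    session = SESSIONS.get(request.get("session_token"))
    if session is None or session["role"] != "admin":
        raise Forbidden("admin only")
    return f"deleted account {request['target_id']}"


def is_privilege_escalation_possible(handler) -> bool:
    """Return True if a plain user can reach the admin action through
    `handler` simply by asserting admin status in the request body."""
    forged = {"session_token": "sess-user-1", "is_admin": True, "target_id": 42}
    try:
        handler(forged)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    print("vulnerable handler bypassable:", is_privilege_escalation_possible(vulnerable_delete_account))
    print("hardened handler bypassable:  ", is_privilege_escalation_possible(hardened_delete_account))
```

The same principle applies to any control the app enforces locally, such as hidden menu items, client-side input validation or "premium" feature gates: the back-end must re-check authorisation for every request using state it controls.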

Do you perform reverse engineering tests?

Reverse engineering is performed to bypass SSL pinning, to extract cryptographic keys, to bypass authorisation logic embedded in the mobile app, and to check whether obfuscation techniques are adequate.

This technique is also used to prove the possibility of exploitation, or in conjunction with a social engineering test.

Bespoke security testing

Minimising Cyber Security Risks

Our Security Testing Programmes help clients identify and mitigate the vulnerabilities within their infrastructure, processes and people. We design and conduct rigorous investigative engagements that locate and fortify weaknesses within technology, code and human behaviour.

We offer a broad range of standalone and managed security testing services, as part of both point-in-time projects and ongoing, integrated programmes.