3 Ways To Get Certified As A Mobile Penetration Tester For Fun And Profit.
Used by hobbyists to level up in skills and experience.
Before we start getting our hands dirty by looking at the internals of mobile apps, let's set the stage by looking at what the certification landscape looks like. I'm sharing this first in the series because I know this will be essential to those who already have the skills or are starting but looking to apply for roles in companies.
As a disclaimer, I haven't taken any of these certifications yet and this is purely coming from the resources I've learned from the mobile application penetration testing course from TCM Security Academy. Also, this list is in no particular order on which one I recommend to go after.
With that out of the way, let's dive right in.
eLearnSecurity Mobile Application Penetration Tester
This certification is provided by eLearn Security and also comes with training material from INE which can be accessed with an active subscription. You can attempt to get certified without training for people who feel prepared to demonstrate their practical and professional skills.
You will need to follow these steps to get a certificate whether attempting the eMAPT certification exams with or without the training courses from INE:
Purchase a certification exam voucher
Begin the certification process
Take your exam
Upload your report
Receive your results
To get certified, you will be assessed on...
Information Gathering
Reverse engineering Android applications
Exploit Android vulnerabilities
Applied security principles
Logic flaws
Exploit development for Android environments
Encryption and cryptography
Identify vulnerable implementations
GIAC Mobile Device Security Analyst (GMOB)
The GIAC Mobile Device Security Analyst (GMOB) certification ensures that people charged with protecting systems and networks know how to properly secure mobile devices that are accessing vital information.
This certification tests candidates on knowledge about assessing and managing mobile device and application security, as well as mitigating against malware and stolen devices.
To get certified, you will be assessed on...
Analyzing Mobile Applications
Assessing Mobile Application Security
Attacking Encrypted Traffic
Managing Android Devices and Applications
Managing iOS Devices and Applications
Manipulating Mobile Application Behavior
Manipulating Network Traffic
Mitigating Against Mobile Malware
Mitigating Against Stolen Mobile Devices
Reverse Engineering Mobile Applications
Unlocking and Rooting Mobile Devices
Infosec Institute Certified Mobile and Web App Penetration Tester (CMWAPT)
This is a learning path that aims at building your penetration testing skills and prepares you to earn your Certified Mobile and Web App Penetration Tester (CMWAPT) certification you receive after the course to validate your pen-testing skills.
Similar to INE, you get access to the training materials with an active subscription.
These are just some of the organizations to get certified which I know but if you have experience with other organizations, please leave a comment below. If you're enjoying this series, please tell a friend and follow me for more content like this.