Free Workshop: Deep Links & XSS attacks on Android & iOS

Did you know Deep Links & XSS attacks are the most common cybersecurity attacks being performed today? Moreover, few of the most dangerous vulnerabilities found in Android & iOS applications involve insecure deeplink handling & XSS.

Join us for this 60-minute all action, no fluff hacking session on March 18 @ 18:00 – 19:00 CET and learn about Android & iOS app security. The Free Workshop (Deep Links & XSS attacks) covers the following topics in Android and iOS:

  • Deep Link attacks achieving user impersonation
  • Bypass authorization controls with Deep Link attacks
  • Deep Link attacks to make phone calls
  • XSS attacks and data exfiltration on Android & iOS

The workshop is a prelude to the main course “Hacking Android, iOS and IoT apps“. A course ideal for Penetration Testers, Mobile Developers and everybody interested in mobile app security. In short through this workshop we show you what the course covers and give you few lab samples. Moreover, attendees are provided with:

  • Lifetime access to a training portal
  • Vulnerable apps to practice
  • Guided exercise PDFs
  • Video recording explaining how to solve the exercises
  • Access to all future updates for Free

Finally, the free workshop will be followed by 2 x 4h live training sessions on March 23-24 @ 17:00 – 21:00 CET

Live Training: Hacking iOS and IoT apps by Example

Come and have fun with us! 🙂

Deep Links & XSS attacks

Audience level

By and large, from new to advanced, content should keep all skill levels happy

Presented by:

Abraham Aranguren: After 13 years in itsec and 20 in IT Abraham is now the CEO of A company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Moreover, a security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. Previously senior penetration tester / team lead at Cure53 ( and Version 1 ( Creator of “Practical Web Defense” – a hands-on eLearnSecurity attack / defense course ( Additionally, OWASP OWTF project leader, an OWASP flagship project (

Finally, as a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. Also, he writes on Twitter as @7asecurity @7a_ @owtfp or Multiple presentations, pentest reports and recordings can be found at

For the most up-to-date information about upcoming training events, including free workshops, check this.