Mobile App Penetration Testing

Mobile penetration testing services delivered by our Tigerscheme and OSCP qualified testers, covering iOS and Android applications and authenticated and unauthenticated testing.


CREST Accredited Mobile App Testing

Secure your mobile applications with penetration testing services delivered by our Tigerscheme and OSCP qualified testers.

Our services cover iOS and Android applications and authenticated and unauthenticated testing.

We’ll provide a detailed report, recommendations, a telephone debrief and post test guidance.

We will also provide you with a free retest for remediated issues.

  • CREST Accredited for Penetration Testing
  • CREST, Tigerscheme, Cyberscheme & OSCP Testers
  • Best Practice Testing Methodology
  • Detailed Test Report & Remediation Guidance
  • Call to Discuss Findings & Recommendations
  • Free Retest for Remediated Vulnerabilities
  • Affordable Rates & Flexible Engagements

03330 500 111

Our Qualifications

Evalian penetration testing accreditation

I’ve engaged with evalian® for the first time and have been very impressed. They have assisted us with a number of Information Security Projects from Penetration Tests through to a comprehensive GDPR compliancy assessment. evalian® have a deep understanding of the fields they work in. Commercially, evalian® are very competitive and I would highly recommend their services.

Dave Clarke, CTO, BES Utilities

Our Approach

Data Mapping

Test Scoping

We'll help you determine the right tests and scope based on your objectives

Evalian Assessment

Proposal & Quote

You'll get a written proposal and quote tailored to your requirements


Statement of Work

We'll prepare an SoW covering testing deliverables and prerequisites

End Point Build Assessment

Testing Work

Your tester will deliver the work, staying in contact with you throughout


Detailed Report

You'll get a detailed report setting out our findings and recommendations


Post Test Debrief

We'll arrange a call to discuss our report and answer your questions

Mobile application Testing

Remediation Advice

We'll remain available to you to provide remediation advice and guidance

Vulnerability Assessments

Free Retest

When you've fixed the issues identified in the test, we'll retest them for you

Trusted By

Testing Methodology

Application Architecture Review

We’ll start with a static analysis of the app and determine frameworks and libraries in use, identify entry points and map execution paths.

Application Testing

Your tester will assess the application in accordance with the Open Web Application Security Project Mobile Testing Guide (OWASP-MTG) methodology, covering the following areas:

  • Local Storage
  • Endpoint Communication
  • Authentication/Authorisation
  • Session Management
  • Interaction with Mobile Platform
  • Code Quality and Exploit Mitigation
  • Cryptography
  • Business Logic
  • Anti-Reversing and Anti-Tampering

Testing Includes

Depending on the agreed scope, our testing activities will include the following and more:

Data Storage Determination
Key Storage Testing
Shared Storage Testing
API Key Handling Testing
Data in Transit Testing
Encrypted Credential Testing
Default Credential Testing
Lockout Testing
Authentication Bypass Testing
Password Policy Testing
Session Token Storage Testing
Role Definition Testing
User Registration Process Testing
Session Management Testing
Logout Testing
Session Timeout Testing
API Testing
Injection Testing
Cryptography Testing
Validation Testing
Integrity Check Testing
Decompilation Testing
Rooted Device Testing
Injection & Recompilation Testing

About Us

Evalian provides penetration testing, security assessment and data protection services to organisations of all sizes in the UK and globally.

Our experienced team work from offices in London, Southampton and Manchester and remotely across the UK. We are certified to ISO 27001 and ISO 9001 and CREST accredited for penetration testing.

If you need a quote, example reports, or just want some advice we’d be pleased to help. Contact us today for more information.


Need Testing Advice?

Contact us now for a friendly, no-obligation discussion or to request more information about our penetration testing and security assessment services.

Contact Us