Press Release

The Mobile Application Hacker's Handbook now available

New book co-authored by MWR's Tyrone Erasmus tackles mobile application security in Android, iOS, Blackberry and Windows Phone

The Mobile Application Hacker’s Handbook is available from today to buy in the UK. It is a comprehensive and practical guide to securing mobile applications.

The book, co-authored by security professionals, including Tyrone Erasmus, head of the Mobile Practice at MWR InfoSecurity in South Africa, cleverly tackles the problem of information vulnerabilities and discusses issues from the point of view of a hacker.

Filled with expert guidance, this publication addresses how one can discover and exploit flaws in mobile applications that are relevant to the most globally used mobile platforms – Android, iOS, Blackberry and Windows Phone. It teaches a proven methodology for approaching mobile application assessments that prevent a variety of different attacks.


In recent years, security breaches have been increasingly taking the centre stage of many media headlines; with more and more major organisations falling victim to cyber attacks. Now more than ever, being aware of how to secure data is necessary. Mobile devices are so embedded in everyday life and the security of these devices affects people in a personal capacity, as well as in business.

It is with these principles in mind that The Mobile Application Hacker’s Handbook was created.

Tyrone Erasmus, head of the Mobile Practice at MWR InfoSecurity in South Africa, is one of the four mobile security expert co-authors who has taken a highly technical approach to discuss the vulnerabilities that attackers can take advantage of. Erasmus, whose contribution focuses on the Android chapters, also shares recent cutting-edge research conducted by global information security consultancy, MWR InfoSecurity.

“As mobile apps are so widely used in today’s world, mobile is most definitely an emerging attack vector. As such, the more that is understood about it, the better chance we have at improving our security against those wishing to infiltrate it," he explained. "I’m happy to have had the opportunity to not only be a part of this book and research, but also be a contributing factor to teaching others how to better protect themselves against attack.”

As it stands, there are over a million apps in Apple’s App Store alone – yet there is a shocking lack of published material on the topic of mobile security. The Mobile Application Hacker’s Handbook sees to change this and be a positive movement to educating others in the topic of mobile security awareness.

The Mobile Application Hacker’s Handbook is available to buy from:

Google Play Store



Accreditations & Certificates

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 9001 and 14001 in the UK, internationally accepted standards that outline how to put an effective quality and environmental management systems in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by NCSC for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.