Attacking mobile targets
Mobile applications are, as their name suggests, applications that reside, even partially, on mobile devices. This means that they differ, both in approach and execution, with respect to traditional web applications.
In traditional web applications, our main access is usually in the form of a web browser. This is so that the entire interface is rendered within it, and it is sent by servers in the form of an HTTP response containing all that is needed to visualize it as intended, including client-side code (such as JavaScript).
Mobile applications have, as opposed to a browser that can interpret any HTTP response, a specific client residing on the mobile device itself. This already has all of the graphics and client-side code within it. This means that the communication between the client and the server in a mobile environment is usually more lightweight, that is, it only consists of the little information that is essential to communicate. This is where...