Internship Software Security & Assessment Frida Toolkit

NVISO is a pure-play cyber security consulting firm: our team is composed of security professionals who each have their specific field of expertise ranging from Information Security Governance Risk & Compliance to Incident Response Penetration Testing CSIRT/SOC Software Security and Training & Awareness. This fantastic blend of skills enables us to help organizations prevent detect and respond to complex security challenges.

Tasks

As an intern within the SSA service line you will be working alongside the mobile pentesting team to further develop a toolkit to perform mobile application security assessments more efficiently and in a unified manner. This toolkit is built upon the popular instrumentation framework Frida and targets both Android and iOS functionalities and already contains several custom Frida scripts to detect and modify different application behaviors such as Jailbreak detection KeyChain usage or logging specific variables and functions.

As part of the internship you will continue building on these custom Frida scripts by improving their functionality or by using them as a basis for new functionalities to detect or modify other application behaviors.

Responsibilities

• Learn more about the possible security issues on Android and iOS.
• Explore the possibilities of Frida on Android and iOS.
• Examine the OWASP MASVS and analyze what checks can be automated by Frida.
• Create and build further upon custom Frida scripts to monitor or modify application behavior by reverse engineering existing application code.
• Collaborate with the mobile pentesting team to test and validate the Frida scripts on (vulnerable) applications.
• Wrap these Frida scripts in a user-friendly UI or command line tool.
• Create documentation both for end users and developers.

Output of Internship:

The toolkit that you will help develop will be actively used by the mobile security pentesting team to perform their assessments in a more efficient and unified manner.

Furthermore this toolkit will help lower the initial knowledge level needed for other pentesters within NVISO to start working on mobile assessments and gaining hands-on experience.

Lastly you will have the ability to discover NVISOs way of working learn all about mobile application security and have the opportunity to collaborate with security professionals in the cyber security and mobile application security industry.

Requirements

• Currently pursuing a degree in (Applied) Computer Science IT or a related field with a strong interest in mobile security and Cybersecurity in general.
• Development experience in Java JavaScript and Python.
• Mobile application development and/or security experience is a plus
• Eager to learn about new technologies and perform hands-on work
• Capable of working independently on a project

Disclaimer on the Use of AI Tools in the Application Process

Please be aware that the creation and submission of application documents (e.g. CV cover letter case studies etc.) using AI-powered tools is only permitted to a limited extent.

Our expectations:

Application documents must authentically reflect your own qualifications personality and motivation.

The use of AI for supportive purposes (e.g. spell-checking improving wording) is acceptable.

Fully generated application documents created by AI without personal adaptation or review are not permitted.

Under no circumstances may NVISO information data or documents be uploaded to or processed by external AI tools.

We reserve the right to exclude applications from the selection and interview process that are clearly created primarily or exclusively by AI and show no recognizable personal input.

The purpose of this policy is to ensure a fair and transparent recruitment process and to obtain an authentic impression of our applicants.