Android's Architecture


ANDROID HACKING AND PENETRATION TESTING COURSE

Course Description

Android Hacking and Penetration Testing course is a highly practical and hands on video course. The course will focus on the tools and techniques for testing the Security of Android Mobile applications. During the course, students will learn various topics such as Android architecture, Android security model, Android Application Pentesting and Exploitation, Reversing Android applications, static and dynamic analysis of android malware etc. After finishing this course you will be able to perform Penetration testing on Android device and its applications

Who Should Take The Course?

The course does not require any prior knowledge or programming, the course is ideal for Penetration Testers, Security Enthusiasts, Developers and Students who are interested in Mobile Application Development and Penetration Testing.

SYLABUSS

Module - 1 Introduction

  1. Introduction to the course

  2. About the Instructors

  3. Course Instructions

  4. Need for Mobile Security OWASP Top 10 Mobile Risks

Module - 2 Lab Setup for the Course

  1. Lab Setup

  2. Installing Ubuntu on VMware

  3. Setting Up an Android Pentesting Environment on Ubuntu

Module - 3 Getting Familiar with Android Developer tools

  1. Eclipse IDE

  2. Android Debug Bridge (ADB)

Module - 4 Android Architecture and Security Model

  1. A Brief Intro To Android

  2. Android Booting Process

  3. Android’s Architecture

  4. Android’s Data Structures and File Systems

  5. Android Applications

  6. Android Security Model

  7. Android Permissions

  8. Google Bouncer

Module - 5 Interacting With Android Devices

  1. Differences between Android Emulator and Android Device

  2. Interacting with Android Device via USB

  3. All About Rooting

  4. SSH

  5. VNC

  6. Busy Box

Module - 6 Android Network Analysis

  1. Setting Up A Proxy for Android Emulator

  2. Setting Up A Proxy for Android Device

  3. Installing CA Certificate

  4. Real World Man in the middle (MITM)

  5. Real World SSL Man in the middle (MITM) Attacks

  6. Data Manipulation

Module - 7 Android Reversing and Malware Analysis

  1. APK files in a Nutshell

  2. Introduction to Reverse Engineering

  3. Reversing to get Source code of the Application

  4. Reversing With APK tool

  5. Introduction To Android Malwares

  6. Static Analysis vs. Dynamic Analysis

  7. Dynamic Analysis of Android Malwares

  8. Static Analysis of Android Malwares

  9. Introduction To Android Tamer

  10. Dynamic Analysis Of Android Malware with Droid Box

Module - 8 Android Application Pentesting and Exploitation

  1. Installing JSinfosec Vulnerable Applications

  2. Introduction To Android Application Pentesting

  3. Fuzzing Android Applications with Burp - Proxy

  4. Fuzzing Android Applications with Burp – Intruder

  5. Attacking Authentication

  6. Content Provider Leakage

  7. Client Side Injection

  8. Insecure Data Storage - Shared Preferences

  9. Insecure Data Storage - SQLite Data bases

  10. Unintended Data Leakage

  11. Broken Cryptography

  12. Automated Security Assessments with Drozer

  13. Exploiting Android Devices Using Metasploit

Module - 9 Android Device and Data Security

  1. Android Device Protection

  2. Bypassing Android Locks

  3. Android Data Extraction

Module - 10 Using Android as a Pentesting Platform

  1. A Look into Commonly used Penetration testing & Hacking Android Applications

  2. PWN Pad on Nexus 7

  3. Kali Linux on Android

Module - 11 Conclusion And Road Ahead

  1. Android Pentesting Check List

  2. Android Security Practices

  3. Course Summary And Revision

  4. Conclusion


▶️ DTube
▶️ IPFS