Android Penetration Testing
About Course
Android Pentesting TRAINING
Requirements:
-
The course starts from basics, however, it is good to have basic knowledge of web applications & API pen-testing.
Topics:
- Introduction to Android Architecture
- Concept of Android Terminologies
- Android Signing Process
- Android Pentesting Setup
- Static Analysis
- Dynamic Analysis
- SSL Pinning Bypass
- OWASP Mobile TOP 10
Android Pentesting Setup
Introduction to Android Pentesting:
- Pentesting Process / Stages
- How android Pentesting works
Introduction to Android Architecture
- Android Security Architecture
- Role of Services, Activities, Permissions, etc…
- Application Security and Signing Process
Android Pentesting Setup
We will see How you can set up an Android Pentesting Lab with so many tools and their alternatives
Android Static Analysis
- Pull APK From Play Store
- How to find Hardcoded Strings
- How to find sensitive information (API-Keys, Credentials etc..)
- How to enumerate Firebase Databases
- Android Backup Exploit
- Task Hijacking
- How to Exploit Activities, Services, Providers & Broadcast Receivers.
- Insecure Platform Usage
- Insecure Data Storage
- Improper Transport Usage (Logcat)
- Automated Static Analysis MobSF
Android Dynamic Analysis
- What is SSL Pinning
- How to Bypass SSL Pinning Through various ways
- Dynamic Analysis using MobSF
- Introduction to Burp Suite / Installation
- Introduction about Frida / Objection
- Vulnerability Testing
Android Bug Bounty Hunting
- Live Android App Hunting
Benefits :
- Get ISO Certified Certification
Course Content
Introduction to Android Penetration Testing
-
Join WhatsApp Group