Android Application Penetration Testing

This document outlines a syllabus for an Android Application Penetration Testing course. The syllabus covers topics like setting up a lab environment, understanding Android architecture, unpacking and reversing apps, analyzing apps for security issues, and reporting on penetration tests. It includes 14 modules on these types of topics.

Uploaded by

tapiwarusike

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

34 views3 pages

Android Application Penetration Testing

Uploaded by

tapiwarusike

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

Android Application Penetration Testing

Syllabus

 Module 1: Introduction
 Understanding the Basics of Android Penetration
Testing
 Differentiating between Android Pentesting & Bug
Bounty Approach

 Module 2: Understanding Android Application Attack

Surface
 Types Android Application Attack Surface

 Module 3: Lab Environment Setup

 Genymotion Android Emulator Installation
 Installing Android App Components (GSuite)
 Installing Android App Components ARM Translator
 Android Pentesting Portable Integrated Environment

 Module 4: Android Debug Bridge Setup

 Setting up Android Debug Bridge

 Module 5: Delving into Android Architecture

 Overview of Android's Security Architecture
 Android Architecture
 Comparing Dalvik Virtual Machine (DVM) and
Android Runtime (ART)

 Module 6: Android Application Compilation and

Structure
 Understanding the Source Code Compilation Process
 Structure of an Android App

 Module 7: Unpacking and Reversing Android

Applications
 Unzipping and Unpacking Android Applications
 Reversing an Android Application using dex2jar
 Reversing an Android Application using apktools
 Jdgui

 Module 8: Manifest and Signing Android Applications

 Android Application Manifest Overview
 Manual and Automated Signing of Android
Applications

 Module 9: Source Code Analysis and Protection

 Understanding Code Obfuscation and Code
Protection
 Conducting Static Source Code Analysis
 Understanding the android-debug

 Module 10: Dynamic Security Analysis

 Steps for Dynamic Security Analysis of Application
 Utilizing Drozer Security Testing Framework for
Dynamic Security Analysis
 Performing Dynamic Security Analysis using BurpSuite

 Module 11: Common Android Security Issues

 Insecure Protocols
 Insecure Logging Security Issues
 Insecure Sensitive Hardcoding Issues
 Cryptographic Storage Issues: Shared Preferences,
SQLite, Internal Storage
 Addressing Application Level Denial-of-Service
 Recognizing Insecure Backup Storage
 Sensitive Data Copied to Clipboard

 Module 12: OAuth Tokens and 2FA

 Understanding Leaking OAuth Tokens in Android
logcat
 Insecure Authentication and Authorization
 Bypassing Second Factor Authentication (2FA)

 Module 13: Application Vulnerabilities and Exploits

 Insecure Direct Object References (IDOR)
 Local File Inclusion
 Insufficient Anti Automation
 Injection Flaws: SQL, HTML, XSS

 Module 14: Penetration Testing Report

 Android Penetration Testing Report - Test Cases

A Step-By-Step Android Penetration Testing Guide For Beginners
No ratings yet
A Step-By-Step Android Penetration Testing Guide For Beginners
39 pages
DP-2200 Manual Servicio Ingles
100% (2)
DP-2200 Manual Servicio Ingles
68 pages
Adams 2022.1 Installation Guide
No ratings yet
Adams 2022.1 Installation Guide
138 pages
ENODE Distributed IO Controller Operations Manual 1000003483 RevR
100% (1)
ENODE Distributed IO Controller Operations Manual 1000003483 RevR
83 pages
Android Pentesting Basics - Academic Structured
No ratings yet
Android Pentesting Basics - Academic Structured
2 pages
Android Mobile Application Hacking 3 Day Hands On Syllabus
No ratings yet
Android Mobile Application Hacking 3 Day Hands On Syllabus
5 pages
T19 Prateek
No ratings yet
T19 Prateek
5 pages
Android Pentration Testing Checklist
No ratings yet
Android Pentration Testing Checklist
3 pages
Android Bug Bounty Training For InfoSec Startups PDF
No ratings yet
Android Bug Bounty Training For InfoSec Startups PDF
8 pages
MPT
No ratings yet
MPT
4 pages
Android Mobile Application Development Syllabus For Bachelor
No ratings yet
Android Mobile Application Development Syllabus For Bachelor
2 pages
Syllabus MASPTv2 PDF
No ratings yet
Syllabus MASPTv2 PDF
20 pages
Class Activity 04
No ratings yet
Class Activity 04
2 pages
Check List - Mobile Application Testing II
0% (1)
Check List - Mobile Application Testing II
24 pages
BCMP Brochure Daas
No ratings yet
BCMP Brochure Daas
2 pages
Adb Components: MPT Class
No ratings yet
Adb Components: MPT Class
16 pages
Android - Syllabus - IPR Solution
No ratings yet
Android - Syllabus - IPR Solution
4 pages
Android Syllabus: Java Concepts Basic
No ratings yet
Android Syllabus: Java Concepts Basic
3 pages
Hacking The Android APK Training
No ratings yet
Hacking The Android APK Training
2 pages
Hacking The Android APK Training
No ratings yet
Hacking The Android APK Training
2 pages
MAD Introduction
No ratings yet
MAD Introduction
13 pages
CS - CS 210 (Programming 3)
No ratings yet
CS - CS 210 (Programming 3)
4 pages
DCAP Android App Pentesting Syllabus
No ratings yet
DCAP Android App Pentesting Syllabus
8 pages
01ce0704 Android Programming
No ratings yet
01ce0704 Android Programming
4 pages
MASPT at A Glance
No ratings yet
MASPT at A Glance
14 pages
Ist Ul MSC Thesis
No ratings yet
Ist Ul MSC Thesis
78 pages
Syllabus: Android Training Course: 1. JAVA Concepts
No ratings yet
Syllabus: Android Training Course: 1. JAVA Concepts
6 pages
Assignment MAD
No ratings yet
Assignment MAD
2 pages
JAVA Concepts: Android Training Course Syllabus Ipsr Solutions LTD
No ratings yet
JAVA Concepts: Android Training Course Syllabus Ipsr Solutions LTD
4 pages
Mobile Application Security and Penetration Testing: Syllabus
No ratings yet
Mobile Application Security and Penetration Testing: Syllabus
14 pages
Cse3012 Mobile-Application-Development LP 1.0 7 Cse3012 Mobile-Application-Development LP 1.0 1 Mobile Application Development
100% (1)
Cse3012 Mobile-Application-Development LP 1.0 7 Cse3012 Mobile-Application-Development LP 1.0 1 Mobile Application Development
3 pages
Android Syllabus
No ratings yet
Android Syllabus
4 pages
Android Syllabus: Getting Started With Android
No ratings yet
Android Syllabus: Getting Started With Android
2 pages
Android Application Development Session
No ratings yet
Android Application Development Session
22 pages
24BCA542
No ratings yet
24BCA542
3 pages
Course Outlines Android
No ratings yet
Course Outlines Android
3 pages
Android Development Syllabus
No ratings yet
Android Development Syllabus
3 pages
Certified Android Professional
No ratings yet
Certified Android Professional
5 pages
BSD 422 Mobile App Development
No ratings yet
BSD 422 Mobile App Development
4 pages
Android Mobile Application Development
No ratings yet
Android Mobile Application Development
2 pages
Report SOC
No ratings yet
Report SOC
10 pages
Co-Requisite: Prerequisite: Data Book / Codes/Standards Course Category Course Designed by Approval
0% (1)
Co-Requisite: Prerequisite: Data Book / Codes/Standards Course Category Course Designed by Approval
2 pages
AP Syllabus
No ratings yet
AP Syllabus
3 pages
Lucideus ISACA Mobile App VAPT Workshop
No ratings yet
Lucideus ISACA Mobile App VAPT Workshop
7 pages
Sarvajanik University Sarvajanik College of Engineering and Technology
No ratings yet
Sarvajanik University Sarvajanik College of Engineering and Technology
5 pages
Android Syllabus: Coverage
No ratings yet
Android Syllabus: Coverage
2 pages
Android Application Development
No ratings yet
Android Application Development
2 pages
Android Essentials: Course Overview
No ratings yet
Android Essentials: Course Overview
4 pages
B.SC., COMPUTER-SCIENCE III YEAR V-SEM SYLLABUS
No ratings yet
B.SC., COMPUTER-SCIENCE III YEAR V-SEM SYLLABUS
19 pages
Android Rooting
No ratings yet
Android Rooting
7 pages
Cs 315 - Android Development Syllabus
No ratings yet
Cs 315 - Android Development Syllabus
4 pages
Android Security and Penetration Testing Resources
No ratings yet
Android Security and Penetration Testing Resources
9 pages
Android Syllabus
No ratings yet
Android Syllabus
3 pages
Android Pentesting
No ratings yet
Android Pentesting
23 pages
Live Memory Forensics On Android With Volatility
No ratings yet
Live Memory Forensics On Android With Volatility
109 pages
ANDROID APPLICATION COURSE CONTENT Atc PDF
0% (1)
ANDROID APPLICATION COURSE CONTENT Atc PDF
7 pages
Syllabus
No ratings yet
Syllabus
3 pages
393 Syllabus 2017-2018 MCA
No ratings yet
393 Syllabus 2017-2018 MCA
2 pages
Mobile Penetration Testing Guide
No ratings yet
Mobile Penetration Testing Guide
110 pages
MASPTv2.5 NotesList
No ratings yet
MASPTv2.5 NotesList
8 pages
ASSESSMENT REPORT Mobile Application Penetration Testing
No ratings yet
ASSESSMENT REPORT Mobile Application Penetration Testing
38 pages
Day 9 Last Day
No ratings yet
Day 9 Last Day
7 pages
Location of Vulnerability
No ratings yet
Location of Vulnerability
4 pages
24 Vir Journal
No ratings yet
24 Vir Journal
120 pages
TPCA8123 Datasheet en 20140303
No ratings yet
TPCA8123 Datasheet en 20140303
9 pages
Couch-7Ed Int Edition Student Solutions Manual
No ratings yet
Couch-7Ed Int Edition Student Solutions Manual
107 pages
DX Diag
No ratings yet
DX Diag
30 pages
Doca0130en 01 PDF
No ratings yet
Doca0130en 01 PDF
76 pages
Transmisor Indicador de Presion - Microcyber NCS-PT105 II DP
No ratings yet
Transmisor Indicador de Presion - Microcyber NCS-PT105 II DP
6 pages
Pratt Chapter 2
No ratings yet
Pratt Chapter 2
41 pages
KRL Institute of Technology, Kahuta: CIT-2 Year Subject: Digital & Industrial Electronics Multiple Choice Questions
No ratings yet
KRL Institute of Technology, Kahuta: CIT-2 Year Subject: Digital & Industrial Electronics Multiple Choice Questions
7 pages
6SL3220-3YE32-0AF0 Datasheet en
No ratings yet
6SL3220-3YE32-0AF0 Datasheet en
3 pages
Lecture#1-Introduction To DIP
No ratings yet
Lecture#1-Introduction To DIP
19 pages
High-Performance Silicon-Gate CMOS: Semiconductor Technical Data
No ratings yet
High-Performance Silicon-Gate CMOS: Semiconductor Technical Data
5 pages
Microsoft - AZ-900.v2020-05-10.q66: Show Answer
No ratings yet
Microsoft - AZ-900.v2020-05-10.q66: Show Answer
42 pages
Interface MSP430 With LCD
100% (3)
Interface MSP430 With LCD
3 pages
Unit-2 - Kec503 DSP - 2023-24
No ratings yet
Unit-2 - Kec503 DSP - 2023-24
22 pages
ICT913 Networking - (Assessment 2) (Student-1)
No ratings yet
ICT913 Networking - (Assessment 2) (Student-1)
9 pages
MechaProg A Description
67% (3)
MechaProg A Description
5 pages
Tas 5707 A
No ratings yet
Tas 5707 A
59 pages
Th-F6a F7e SM
100% (1)
Th-F6a F7e SM
74 pages
Osp 3000L Alarm List
No ratings yet
Osp 3000L Alarm List
23 pages
SUN2000-330KTL-H2 Output Characteristics Curve
No ratings yet
SUN2000-330KTL-H2 Output Characteristics Curve
7 pages
Mercury Inverters - Mercury 3kva Online UPS Single Phase HP930C-S
No ratings yet
Mercury Inverters - Mercury 3kva Online UPS Single Phase HP930C-S
4 pages
2.1 Differential Protection - Questions
No ratings yet
2.1 Differential Protection - Questions
7 pages
Task 1
No ratings yet
Task 1
3 pages
Os Chapter 1
No ratings yet
Os Chapter 1
8 pages
Network TroubleShooting
No ratings yet
Network TroubleShooting
4 pages
Driver, Servo Motores ... DX02 - WAR1
No ratings yet
Driver, Servo Motores ... DX02 - WAR1
44 pages
Logic Gate (AND, OR, XOR, NOT, Nand, Nor, and Xnor)
No ratings yet
Logic Gate (AND, OR, XOR, NOT, Nand, Nor, and Xnor)
8 pages
CDS SET-1 - Merged
No ratings yet
CDS SET-1 - Merged
175 pages