Learning Pentesting for Android Devices
Android is the most popular mobile smartphone operating system at present, with over a million applications. Every day hundreds of applications are published to the PlayStore, which users from all over the world download and use. Often, these applications have serious security weaknesses in them, which could lead an attacker to exploit the application and get access to sensitive information. This is where penetration testing comes into play to check for various vulnerabilities.
We will then move to a dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device. We will then learn some different ways of doing Android forensics and use tools such as Lime and Volatility. After that, we will look into SQLite databases, and learn to find and exploit the injection vulnerabilities. Also, we will look into webkit-based vulnerabilities; root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.
|Course Length||4 hours 37 minutes|
|Date Of Publication||26 Mar 2014|