Android Penetration Testing 101
The Foundation course for Android security and Penetration testing candidates.
Updated on May, 2024
Language - English
Android Security,Penetration Testing,Mobile Application testing,IT & Software
Lectures -23
Duration -3.5 hours
30-days Money-Back Guarantee
Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.
Course Description
The Android Penetration Testing 101 course is designed for beginners who are interested in exploring Android security but don't know where to start. This comprehensive course covers everything from understanding the Android architecture to analyzing Android applications using various attack vectors.
Throughout the course, you will learn how to perform static analysis on Android applications, including those developed with frameworks like React Native, Java, Flutter, and Cordova. You'll be introduced to essential tools such as Jadx, Jeb decompiler, and GDA decompiler, which aid in the static analysis process. Additionally, the course covers the installation and usage of automated scanners like MOBSF, enabling you to perform dynamic analysis on apps and identify common vulnerabilities. The course also highlights the key endpoints to focus on during static analysis.
One of the most exciting aspects of penetration testing is dynamic analysis. In this course, you'll understand why dynamic analysis is crucial for mobile applications and its role in vulnerability hunting. The course provides a step-by-step guide for setting up a dynamic analysis lab, featuring the use of Burp Suite with Genymotion. SSL pinning is a fundamental concept covered extensively in the dynamic analysis section. The course explores SSL pinning in detail and demonstrates various methods to bypass it on Android.
To enhance your dynamic analysis skills, the course introduces powerful tools like Frida and objection, and provides instructions on their setup and usage. The course concludes with a live dynamic analysis session on an Android application, during which you'll learn how to identify common vulnerabilities, locate relevant endpoints, and extract sensitive information from the app's database.
As a bonus, the course includes an Android pentesting checklist, which serves as a handy reference guide during real-time analysis, ensuring a smoother pentesting experience.
Goals
What will you learn in this course:
Understand Android Architecture: Gain a comprehensive understanding of the Android architecture and its components, providing a solid foundation for Android security testing.
Perform Static Analysis: Learn how to conduct static analysis on Android applications developed using various frameworks such as React Native, Java, Flutter, and Cordova. Explore tools like Jadx, Jeb decompiler, and GDA decompiler to effectively analyze the code and identify vulnerabilities.
Utilize Automated Scanners: Master the installation and usage of automated scanners like MOBSF to perform dynamic analysis on Android applications. Learn how to identify common vulnerabilities during the scanning process and discover key endpoints for further investigation.
Explore Dynamic Analysis: Understand the importance of dynamic analysis in mobile application security testing and its role in hunting vulnerabilities. Set up a dynamic analysis lab using tools like Burp Suite and Genymotion to simulate real-world scenarios.
SSL Pinning and Bypass Techniques: Gain a deep understanding of SSL pinning and its significance in securing mobile applications. Explore various methods to bypass SSL pinning on Android devices to uncover potential vulnerabilities.
Dynamic Analysis Tools: Familiarize yourself with advanced dynamic analysis tools such as Frida and objection. Learn how to set up and utilize these tools effectively during dynamic analysis to identify vulnerabilities and extract sensitive information.
Live Dynamic Analysis: Perform a live dynamic analysis on an Android application, applying the knowledge gained throughout the course. Identify common vulnerabilities, locate relevant endpoints, and extract sensitive information from the app's database.
Android Pentesting Checklist: Acquire a handy checklist to assist in Android penetration testing. Use this reference guide during real-time analysis to ensure a systematic and thorough approach.
Prerequisites
What are the prerequisites for this course?
- Fulfill your curiosity and desire to learn something new through the Android Penetration Testing 101 course.
- Ensure your computer meets the minimum requirements of 8GB RAM and 100GB of available storage for a smooth learning experience.
- Prioritize gaining basic knowledge of Android development, as it will greatly enhance your understanding of the course material.
Curriculum
Check out the detailed breakdown of what’s inside the course
Introduction to the course
1 Lectures
-
Introduction to structure of the course
04:42
04:42
Penetration Testing
2 Lectures
Basic android concepts
4 Lectures
Static Analysis
6 Lectures
Dynamic Analysis
7 Lectures
Summary and Checklist
3 Lectures
Instructor Details
Sharanabasava MS
Course Certificate
Use your certificate to make a career change or to advance in your current career.
Our students work
with the Best
Related Video Courses
View MoreAnnual Membership
Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses
Subscribe now
Online Certifications
Master prominent technologies at full length and become a valued certified professional.
Explore Now