Android Pentesting - Hands-On

beginner
hands-on


Android Pentesting Training is a One-Day Hands-On Training to be conducted at Seasides.

The training is carefully crafted for students as well as professionals interested in getting a head start in the Android information security domain.

This training involves real-world scenarios that every security professional must be well versed in. It involves understanding the Android Application Package (APK) and methodologies to properly analyze apps from zero.

It covers the internals of Android penetration testing, starting from understanding the lab setup, through real-time testing of applications and overcoming hurdles while testing using dynamic instrumentation, to covering the OWASP Mobile Top 10 vulnerabilities.

The following topics will be covered during the session:

  1. Understanding penetration testing lab environment
  2. Reversing Android Application (APK)
  3. Analyzing the application code and finding the vulnerabilities
  4. Hands-on Static Analysis
  5. Hands-on Dynamic Analysis
  6. Decompiling application code to understand implementation logic
  7. Recompiling Android app code to bypass various validation checks
  8. Dynamic Instrumentation using tools like Frida
  9. Cover OWASP Mobile Top 10 (including but not limited to the following):
    • Insecure Data Storage
    • Code Tampering
    • Insecure Authentication
    • Reverse Engineering
    • Hunting for hardcoded information, etc.

TARGET AUDIENCE

According to the feedback we have collected from our previous trainings, students who have mobile application development and application penetration testing experience enjoyed and benefited the most from the course.

What you will learn

  • Android Hacking
  • Android App Reversing
  • Mobile Application Security
  • Finding Vulnerabilities

REQUIREMENTS

  • Laptop with a minimum of 30 GB hard disk space and 8 GB RAM, with administrative privileges (Linux preferred)
  • Up-to-date VirtualBox installed
  • 2 Functional USB Ports

About the Trainers:

Shivang Desai is a senior security researcher at Microsoft. His work mainly focuses on enhancing security for mobile products and developing methodologies to mitigate further attacks on organisations.

He has 9+ years of experience in the mobile security field. He is an avid blogger and his blogs have been referenced in various international media including Forbes, Fox News, The Mirror, The Register, etc.

Gatin Shah is a senior security consultant at Redhuntlabs. His work focuses on enhancing security for Web, Mobile, and API application testing and mitigating attacks on organizations.

I have 6+ years of experience in the VAPT security field. My hobbies are playing cricket and exploring the world.