Android App Penetration Testing

Description

Get a structured, comprehensive approach for testing Android apps. Learn how to leverage key penetration testing tools and frameworks to uncover common security vulnerabilities.

Syllabus

Introduction
  • Pentesting Android apps
  • What you should know
  • Overview of Android
1. Android Application Components
  • Activity and services
  • Content providers and receivers
2. Aspects of Android Security
  • Web vs. Android security
  • Domains of Android security
  • Common terminologies
  • Lab setup
3. Static Application Testing
  • Introduction to MobSF
  • Setting up MobSF
  • Scanning target applications
  • Manifest analysis
  • Code analysis
4. Dynamic Application Testing, Part 1
  • Introduction to Burp Suite
  • Burp Suite setup on workstation
  • Burp Suite setup on test device
  • Application testing: Brute force
  • Application testing: Password change
5. Platform Interaction Testing
  • Introduction to Android Debug Bridge
  • Basic adb commands
  • Testing platform: Insecure logging
  • Testing platform: Insecure data storage
6. Dynamic Application Testing, Part 2
  • Introduction to drozer
  • drozer architecture
  • drozer setup
  • Sieve application overview
  • Basic commands
  • Activity testing
  • Content provider testing
  • Content provider testing: SQL injection
Conclusion
  • Mobile OWASP Top 10
  • Next steps

Online Course

