Android Application Penetration Testing

Exploiting Android Applications
3.5 (2 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
20 students enrolled
$19
$20
5% off
Take This Course
  • Lectures 47
  • Length 4.5 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 12/2014 English

Course Description

Android Application Penetraion Testing Course: Android Application Penetration Testing is a division of PENETRATION TESTING Domain that concentrates on PenTesting

Android applications on Android devices like mobiles and tablets. 
This course is intended students/professionals who are intended to make career in mobile penetration testing domain. 
The course covers in and out of , actually Hacking (Penetration)

Android Apps and INSEC-TECHS have developed vulnerable

Android Apps for students to practice Labs. INSEC-TECHS will share 14 such applications to learn Hacking Android Mobile Applications with crack challenges. Both InSEC-Techs iOS and Android Application Penetration Testing course is a highly practical and hands on video course. This course focuses on beginners as well as advanced users. Instructor has created all the required vulnerable applications in order for you to practice all the hands-on exercises demonstrated in this course in a legal environment. This course begins with very basics keeping beginners in mind. Even if you have worked on some Android app security assessments, there will be something new for you. After completing this course, you will learn where to start iOS app penetration testing, Pentesting iOS Apps, Network monitoring on iDevices and finally some automated tools to complete the task. It contains more than 14 challenges to crack. Instructor explains all the solutions when and where it is required.

The course is designed as a complete guide to understand and practice Android Mobile app hacking efficiently in real time. This is online certification Course by InSEC-Techs and your doubts related to the subject are solved for ever on discussion board. We provide you material and references to get more understanding and learning this tool. The course is very well structured, explaining the terminologies , functionality and lab practicals are very well shown as feeding baby a banana.

What are the requirements?

  • Need to have any Android Device

What am I going to get from this course?

  • y the End of this course, you will gain exposure to different android app vulnerabilities
  • By the End of this course, you will gain expersie in Penetration Testing iDevices like android mobile apps in all Android devices
  • By the End of this course, you will gain required knowledge,skills and Certification to apply jobs

What is the target audience?

  • CSE/IT/B.Sc & M.Sc Comuter Science related students
  • Ethical Hacking Students
  • Security Analysts
  • Law Enforcement Professionals
  • For IT Professionals working in Android Development domain.
  • For IT profesionals woriking in IT-Security domain'
  • IT Geeks

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Introduction to Android
Introduction
Preview
04:23
Android Architecture
Preview
07:36
Software Installations
Preview
07:04
Creating an Emulator
Preview
04:22
Section 2: Android Security Model
Android Security Model Basics
06:50
App Sandboxing
08:00
Secure interprocess communication
10:15
Application Signing
08:16
App Permissions
07:25
Section 3: App Development Basics
Understanding Android App Structure
06:43
Building a simple App
11:29
Section 4: Seurity Auditing of Android Apps : OWASP top 10
M1: Introduction
02:52
M2:Insecure Data Storage: Shared Preferences
07:17
M2:Insecure Data Storage: Shared Preferences: Look at Code
03:39
M2 Insecure Data Storage: SQLITE Database
07:41
M2: SQLITE Data Storage: Look at code
03:26
M3 – Insufficient Transport layer protection / Intro & HTTP traffic interception
09:41
M3 – Insufficient Transport layer protection --- Intercepting HTTPS traffic
07:20
M3 – Insufficient Transport layer protection --- The Coffee shop attack
10:13
M3 Insufficient Transport ../ Passive analysis with tcpdump & Wireshark
07:38
M4 – Unintended Data Leakage -- Reading the clipboard
07:16
M4 – Unintended Data Leakage -- Reading the clipboard - Look at Code
01:45
M4 – Unintended Data Leakage --Logging
05:09
M4 – Unintended Data Leakage --Logging -- Look at Code
02:07
M5: Poor Authentication and Authorization
03:42
M6: Broken Cryptography
08:15
M7 – Client Side Attack-- SQL Injection at Client Side
03:29
M7 - SQL INJECTION -- LOOK AT CODE
02:58
M7 - frame injection in webviews
02:18
M7 - frame injection in webviews -- Look at Code
02:44
M8 – Security Decisions via untrusted inputs -- Intent Spoofing
05:08
M9 – Improper Session Handling
04:05
M10 – Lack of binary protection -- Introduction
02:16
M10 - Reversing android apps with APKTOOL
03:38
M10 - Reversing android apps with dex2jar & JD-GUI
03:23
M10 - Finding Content Provider URIs using APKTOOL.
03:20
Section 5: Automated security assessments with Drozer
Setting up Drozer
05:03
Intent Spoofing
08:55
Exploiting content provider leakage
07:00
SQL Injection in content provider
09:52
Section 6: Native Exploitation
Android exploitation mitigation techniques
03:52
ARM - Advanced Risc Machines
02:45
Setting up GDB for debugging
06:28
Running a C programe on android device.
06:42
Format string vulnerabilities in ARM
09:54
Section 7: Android Forensics
Android Forensics
09:30
SQLite data recovery
05:24
Section 8: Materials

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

InSEC- Techs, Information Security Technologies

InSEC-Techs (Information Security Technologies) www insectechs dot in is an integrated single-source IT training company providing classroom and distance courses like PHP, Ethical Hacking, Web Application Penetration Testing, Python, C language, Perl, CCNA and web development firm with uniquely competent, professional and creative website designing & internet marketing company providing full featured internet marketing solutions and web services including B2B & B2C e-commerce solutions which also acts as an offshore development center for overseas development firms to help them optimize their business significance in the global market- With one phone call you get a team of highly-skilled experts with a business-driven common-sense approach-

InSEC-Techs ensure that individual care is taken in classroom while conducting sessions- We will not have more than seven students per batch in a single session to shoot more concentration on each student-

Kiran Thirukovela, 31 years old Cyber-techie and Cheif Executive Officer (CEO) of InSEC-Techs (Information Security Technologies)

Dropped out B-Techs (ECE) by choice and B-SC (Computer Science)and stepped into the world of Computers and networking- Kiran holds IT certification like
MCSA: Microsoft Certified System Administrator
CCNA: Cisco Certified Network Administrator
IINS: Implementing IOS Network Security Expert
CCNP: Cisco Certified Network Professional
CCNP-Sec: Cisco Certified Network Professional Security
CCSP: Cisco Certified SecurityProfessional
AFCEH: Ankit Fadia Certified Ethical Hacker
CHFI: Computer Hacking Forensic Investigator

Kiran has authored book "Cyber Crimes Investigation" with co-author Mr- Benild Joseph- A Book written for law enforcement agencies in india- Kiran is Network Security professional with 5+ years of experience and 3+ years of as Ethical Hacking trainer-
He specializes in Web Application security, Penetration testing and Forensic investigation and solved cyber crime cases in India and kenya-

Nipun:

Nipun is well-known IT security Researcher, Well Known for his activities in the field of ethical hacking and cyber forensics - Mr- Nipun was an Independent security expert , who works on cyber crime cases and investigations , he was the Ex-C-T-O in Secugenius Security Solutions , Also He Worked As A Security Analyst in a Company - During His Career He has Pen-tested over 100+ Servers And Solved Many Cyber Crime Cases ,
He Has Trained Over 5000+ students in the field of ethical hacking and penetration testing , he is the currently the ambassador for EC-COUNCIL Programs In Lovely Professional University (First Indian University To Tie Up With EC-COUNCIL)- He is Currently Pursuing Masters In Technology (M-TECH) From LPU Itself - He Has Been The Speaker At Several National Level Confrences - His Security Research Papers Are Published Over Many Sites Like Packetstorm, SourceForge Etc-

Achievements of His Careers:

a- Certified Ethical Hacker (EC-COUNCIL C|EH)
b- Certified Information Security Expert (CISE)
c- Ankit Fadia's Certified Ethical Hacker (AFCEH 5-0)
d- Winner Of Innobuzz Best Blog Competition (2010)
e- Ambassador Of EC-COUNCIL @ Lovely Professional University
f- Ex- Chief Technical Officer At Secugenius Security Solutions
g- Ex- Security Analyst At Cyber Cure Solutions Delhi
h- Founder/Admin Of Starthack.
i- Founder/Admin Of Indian Cyber Police (Among Most Active HAcker's group of india)
j- Administrator of various Forum
k- Admin Of Hacker's Group Ap3x_nd_h4ck0
l- Respected V-I-P Member Of International Hacker's Forum (MADLEETS Pakistan)

m- Presenter At HATCON LPU & HATCON KANPUR

n- Presenter At DEFCON Groups (DC141001)

1-Defcon Rajasthan :
2- Defcon Punjab :

o- Presently writing two books On Web application Hacking And Metasploit Framework

p- Trained Over 5000 Students And Delivered Over 50+ Workshops

q- Worked On Cyber Crime Cases-

r- Secured Over 1000 Domains

s- Regular Author At Packet Storm Security.

Bio: Mr- Srinivas

Mr- Srininvas is Security Analyst and Ethical Hacking Trainer Since 6 Years and addressed over 50 workshops and Seminars- He is Co-Author of the Book "Hacking S3crets", along with Sai Satish and Aditya Gupta-

Srininvas is also moderator of famous Hacking Forum based website andhrahackers and contributed SQL Injection articles to World's leading hacking magazine "hackin9"-

Srininvas was honoured with "PRATHIBHA" Award by Govt- of Andhra Pradesh in Year 2008-

Ready to start learning?
Take This Course