Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Development Tools No-Code Development
Business
Entrepreneurship Communications Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certification Network & Security Hardware Operating Systems Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design Design Thinking 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition Yoga Mental Health Dieting Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Teacher Training Test Prep Other Teaching & Academics
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Cisco CCNA Amazon AWS CompTIA Security+ Microsoft AZ-900
Graphic Design Photoshop Adobe Illustrator Drawing Digital Painting InDesign Character Design Canva Design Theory
Life Coach Training Personal Development Neuro-Linguistic Programming Personal Transformation Mindfulness Life Purpose Meditation CBT Emotional Intelligence
Web Development JavaScript React CSS Angular PHP Node.Js WordPress Vue JS
Google Flutter Android Development iOS Development React Native Swift Dart (programming language) Mobile Development Kotlin SwiftUI
Digital Marketing Google Ads (Adwords) Social Media Marketing Marketing Strategy Google Ads (AdWords) Certification Internet Marketing YouTube Marketing Email Marketing Instagram Marketing
Microsoft Power BI SQL Tableau Business Analysis Data Modeling Business Intelligence MySQL Data Analysis Blockchain
Business Fundamentals Entrepreneurship Fundamentals Business Strategy Startup Business Plan Freelancing Online Business Blogging Home Business
Unity Game Development Fundamentals Unreal Engine C# 3D Game Development C++ 2D Game Development Unreal Engine Blueprints Blender
30-Day Money-Back Guarantee
IT & Software Network & Security Ethical Hacking

Hacking and Pentesting Android Applications

Learn how to pentest Android Applications using the modern day pentesting tools and techniques
Rating: 4.6 out of 54.6 (130 ratings)
740 students
Created by Srinivas .
Last updated 4/2021
English
English [Auto]
30-Day Money-Back Guarantee

What you'll learn

  • Learn the fundamentals of Android Application Penetration Testing
  • Learn how to Reverse Engineer Android Apps
  • Learn how to patch Android Apps using apktool to bypass SSL Pinning
  • Learn how to bypass Jailbreak detection in Android Apps using objection
  • Learn how to trace crypto calls made by an Android app using Frida
  • Learn Android Application Penetration Testing using the modern day tools and techniques - Good Bye to old school tools
  • Learn how to use Frida to invoke functions from within the App
  • Learn Mobile App Pentesting to begin your bug bounty journey

Requirements

  • The course covers all the required basics

Description

This course is created with an idea of saying Bye Bye to outdated Android application penetration testing tools and techniques. Let us learn Android Application Penetration Testing the right way with right tools and techniques.

This course introduces students to the security concepts associated with Android Apps developed using Android Programming Language. This is an intermediate level course, which begins with beginner level concepts. This course covers a variety of concepts such as Android Application structure, Reversing Android Apps, Bypassing client side restrictions such as root detection, SSL Pinning etc. This course uses two vulnerable applications developed by the instructor to demonstrate how Android App vulnerabilities can be identified and exploited. This course teaches you how to identify a variety of Android App vulnerabilities such as Insecure Data Storage, Insecure Logging, Weak Jailbreak detection, insecure end to end encryption, SQL Injection etc.

The best part of the course is that you will get a detailed understanding of how to trace an Android app's runtime and write a bunch of Frida scripts to pentest the target applications.  The best part of the course is that you will get a detailed understanding of how to trace an Android app's runtime and write a bunch of Frida scripts to pentest the target applications.

Who this course is for:

  • Penetration Testers
  • Mobile Application Developers
  • Security professionals who are interested in Mobile App Security
  • Anyone who is interested in ethical hacking and penetration testing
  • Anyone who is interested in information security concepts

Course content

7 sections • 48 lectures • 4h 36m total length

  • Preview02:46

  • Introduction
    00:38
  • APK File structure
    08:21
  • Exploring Android Apps on the device
    08:37

  • Introduction
    00:38
  • Android lab setup pre-requisites
    03:05
  • Challenges with Android lab setup
    01:12
  • Vulnerable Apps & VM - Download
    00:17
  • Lab setup using an Android emulator
    12:47
  • Lab setup using a Non Rooted Android Phone
    09:25

  • Introduction
    00:50
  • Introduction to Android App Pentesting
    02:49
  • Reversing Android Apps with APKTOOL
    09:12
  • Reversing Android Apps with dex2jar and JD-GUI
    04:12
  • Intercepting HTTP Traffic
    11:17
  • Intercepting HTTPS Traffic
    17:29
  • Insecure Data Storage vulnerabilities
    07:36
  • Server Side Vulnerabilities
    07:18
  • Introduction to client side vulnerabilities
    01:24
  • Weak Crypto and Authorization Vulnerabilties
    07:01
  • Exported Application Components
    14:27
  • Insecure Logging
    02:04
  • Client Side Injection
    04:09
  • Clipboard - Copy Paste issues
    01:35

  • Introduction
    00:44
  • Introduction to client side protections in Android Apps
    02:55
  • Introduction to Frida
    01:46
  • Root Detection Bypass using Objection
    17:57
  • Insecure Local Data Storage - Revisited
    05:07
  • Client side SQL Injection - Revisited
    01:32
  • Preview06:22
  • Introduction to Frida CLI
    02:58
  • How Frida Scripts work?
    02:40
  • Creating a JavaScript template for writing Frida Scripts
    09:26
  • Enumerating loaded classes using Frida
    07:13
  • Getting class properties using Frida
    07:03
  • Bypassing Root Detection using Frida
    05:42
  • Dumping string arguments using Frida
    08:13
  • Tracing WebView calls using Frida
    02:49
  • Introduction to end to end encryption
    08:31
  • Dumping encryption keys using Frida
    11:05
  • SQL Injection with encrypted Payloads
    08:07
  • Preview05:45
  • Bypassing SSL Pinning using Frida
    12:30
  • Fixing errors in SSL Pinning Bypass script
    00:49
  • Reversing and Patching Android Apps to bypass SSL Pinning
    07:53

  • Conclusion
    00:21

  • Bonus Lecture
    00:15

Instructor

Srinivas .
Your instructor
Srinivas .
  • 4.4 Instructor Rating
  • 1,407 Reviews
  • 24,801 Students
  • 13 Courses

Srinivas is an Infosec professional with interest in teaching information security concepts. He is an OSCP and OSCE. He has extensive experience in penetration testing web, network and mobile apps. The aim of these courses is giving the best quality infosec courses at an affordable price. All of these courses contain hands on labs and very detailed explanations.

  • Udemy for Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Impressum Kontakt
  • Terms
  • Privacy policy
  • Cookie settings
  • Sitemap
  • Featured courses
Udemy
© 2021 Udemy, Inc.