Mobile Application Hacking and Penetration Testing (Android)
What you'll learn
- You will understand the different types of vulnerabilities that affect mobile applications and have the practical knowledge to attack and exploit them.
- Perform real world attacks on Android Devices and Apps.
- By the end of the course , You will learn How to Fuzz mobile apps.
- OWASP Top Ten Mobile and Web most common vulnerabilities.
- Build your own home lab on mobile application security.
- By the end of the course , You will learn Mobile applications reverse engineering.
- Practice on real world mobile applications.
- Provides you the skills necessary to peform Penetration tests of mobile applications.
Requirements
- Basic knowledge of programming fundamentals.
- A desire to learn.
Description
This course includes all necessary information to start your carrier in Cyber Security field. This course aims to teach you how to perform full penetration testing on Android Mobile applications.
Course at a glance:
- Start from Android architectures basics.
- Covers Mobile applications reverse engineering.
- Practice on real world mobile applications.
- Build your own home lab on mobile application security.
- Provides you the skills necessary to perform Penetration tests of mobile applications.
Syllabus:
Introduction To Mobile Apps.
Mobile Application Security.
Mobile Application Penetration Testing.
The most common areas where we find mobile application data resides.
The Architecture of Android.
The App Sandbox and the Permission Model.
AndroidManifest.xml File.
Android Compilation Process.
Android Startup Process.
Android Application Components.
Setup a testing environment.
Android Debug Bridge (adb).
Digging deeper into Android (ADB tool).
intercept and analyze the network traffic.
Reversing an Android application.
OWASP top 10 vulnerabilities for mobiles.
Install DIVA (Damn insecure and vulnerable App).
Insecure Logging Issue.
Insecure Data Storage.
Database Insecure Storage.
Insecure Data Storage Inside Temporary Files.
Hardcoding Issues.
Input Validation Issues - SQL Injection.
Input Validation Issues - Exploiting Webview Vulnerability.
With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 10 hours.
NOTE: This course is created for educational purposes only.
Who this course is for:
- Penetration testers
- Forensers
- Mobile App Developers
- IT personnel
- Anyone who has a personal or professional interest in attacking mobile applications.
- All who wants to start their carrier in android security.
Featured review
![Aamir Shaikh](data:image/svg+xml,%3Csvg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64"%3E%3C/svg%3E){kind=avatar}
Course content
- 00:22Introduction To Mobile Apps
- 01:00Mobile Application Security part 1
- 00:14Mobile Application Security part 2
- 00:08Mobile Application Penetration Testing
- Preview02:11The most common areas where we find mobile application data resides
Instructor
- 4.2 Instructor Rating
- 1,152 Reviews
- 11,708 Students
- 4 Courses
is a professional pen-tester and ethical hacker with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors (such as Microsoft, Yahoo, Sony, AVG, Bitdefender, Facebook and many more) and was successfully acknowledged by them.
Certifications:
- OSCP
- CEH (Certified Ethical Hacker)
- GPEN
- GWAPT
- CCNA and CCNA Security
- MCITP
- Advanced Linux&InfoSEC
Technical Skills:
Security: Application and network penetration testing, source code review, Incident Response, protocol analysis, fuzzing, reverse engineering, antiDDoS, IDS.
Languages: PHP, JavaScript, Java SE, C++, C#, Python, Visual Basic, SQL,CMD, Bash scripts, Assembly.
Tools/Frameworks: Burp Suite, OWASP ZAP, Fiddler, OWASP Mantra, Acunetix, Netsparker, W3AF, Nikto, SqlMap, Sql Ninja, Xenotix XSS Exploit Framework, Metasploit framework, Vmware, VirtualBox, Wireshark, Tcpdump,Dominator, Fuzzers, DirBuster, joomscan, sslstrip, Ettercap, Arachni, Nessus, ollydbg, Armitage, John the Ripper, etc..
Operating Systems: Expert knowledge of windows & Unix operating systems.
Website CMS: Wordpress, Joomla, Magento, etc..