Udemy
30-Day Money-Back Guarantee

Mobile Application Hacking and Penetration Testing (Android)

Practice Mobile Application Hacking and Penetration Testing against a number of real world mobile applications.
Rating: 3.9 out of 5 (211 ratings)
1,592 students
Created by Eslam Medhat (Ethical Hacking, Bug Bounty and Penetration Testing)
Last updated 9/2020
English
English [Auto]

What you'll learn

  • You will understand the different types of vulnerabilities that affect mobile applications and have the practical knowledge to attack and exploit them.
  • Perform real world attacks on Android Devices and Apps.
  • By the end of the course, you will learn how to fuzz mobile apps.
  • OWASP Top Ten Mobile and Web most common vulnerabilities.
  • Build your own home lab on mobile application security.
  • By the end of the course, you will learn mobile application reverse engineering.
  • Practice on real world mobile applications.
  • Provides you with the skills necessary to perform penetration tests of mobile applications.

Requirements

  • Basic knowledge of programming fundamentals.
  • A desire to learn.

Description

This course includes all the information necessary to start your career in the cyber security field. It aims to teach you how to perform full penetration testing on Android mobile applications.


Course at a glance:

- Start from Android architectures basics.

- Covers Mobile applications reverse engineering.

- Practice on real world mobile applications.

- Build your own home lab on mobile application security.

- Provides you the skills necessary to perform Penetration tests of mobile applications.


Syllabus:

  • Introduction To Mobile Apps.

  • Mobile Application Security.

  • Mobile Application Penetration Testing.

  • The most common areas where we find mobile application data resides.

  • The Architecture of Android.

  • The App Sandbox and the Permission Model.

  • AndroidManifest.xml File.

  • Android Compilation Process.

  • Android Startup Process.

  • Android Application Components.

  • Setup a testing environment.

  • Android Debug Bridge (adb).

  • Digging deeper into Android (ADB tool).

  • Intercept and analyze the network traffic.

  • Reversing an Android application.

  • OWASP top 10 vulnerabilities for mobiles.

  • Install DIVA (Damn Insecure and Vulnerable App).

  • Insecure Logging Issue.

  • Insecure Data Storage.

  • Database Insecure Storage.

  • Insecure Data Storage Inside Temporary Files.

  • Hardcoding Issues.

  • Input Validation Issues - SQL Injection.

  • Input Validation Issues - Exploiting Webview Vulnerability.

With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 10 hours.


NOTE: This course is created for educational purposes only.


Who this course is for:

  • Penetration testers
  • Forensic analysts
  • Mobile App Developers
  • IT personnel
  • Anyone who has a personal or professional interest in attacking mobile applications.
  • Anyone who wants to start a career in Android security.

Featured review

Aamir Shaikh
121 courses
2 reviews
Rating: 5.0 out of 5, a year ago
Course is very good, all the lectures are explained very perfectly, thank you so much sir, this course helped me a lot. If anyone is thinking to do Android penetration, I will suggest you go for this course, there is no language issue. Thank you again.

Course content

8 sections • 36 lectures • 1h 27m total length

  • Introduction To Mobile Apps
    00:22
  • Mobile Application Security part 1
    01:00
  • Mobile Application Security part 2
    00:14
  • Mobile Application Penetration Testing
    00:08
  • The most common areas where we find mobile application data resides
    Preview 02:11

  • The Architecture of Android
    02:52
  • The App Sandbox and the Permission Model
    01:18
  • AndroidManifest.xml File
    00:06
  • Android Compilation Process
    00:20
  • Android Startup Process
    00:36
  • Android Application Components
    01:37

  • Preparing the Battlefield
    17:15
  • Unable to start the virtual device (Error Message)
    00:16

  • Android Debug Bridge (adb)
    00:44
  • Digging deeper into Android (ADB tool)
    Preview 06:34
  • Burp Suite
    00:14
  • Intercept and analyze the network traffic
    06:26

  • Reversing APKs Intro
    00:24
  • Reversing an Android application
    08:27

  • OWASP top 10 vulnerabilities for mobiles
    00:26
  • Damn insecure and vulnerable App
    00:09
  • Install DIVA (Damn insecure and vulnerable App)
    02:42
  • What is Insecure Logging?
    00:05
  • Insecure Logging Issue
    04:41
  • What is Insecure Data Storage?
    00:21
  • Preview 06:13
  • Database Insecure Storage
    03:31
  • Insecure Data Storage Inside Temporary Files
    02:09
  • Hardcoding Issues
    02:28
  • What is SQL injection?
    00:27
  • Input Validation Issues - SQL Injection
    04:45
  • Android WebView Vulnerabilities
    00:33
  • Input Validation Issues - Exploiting Webview Vulnerability
    04:11

  • Vulnerable Bank App
    00:25

  • Bonus Lecture
    00:14
  • Exploiting Script Source Code Disclosure Vulnerability
    03:09

Instructor

Eslam Medhat (Ethical Hacking, Bug Bounty and Penetration Testing)
Hacking, Ethical Hacking, Bug Bounty and Penetration Testing
  • 4.2 Instructor Rating
  • 1,152 Reviews
  • 11,708 Students
  • 4 Courses

Eslam Medhat is a professional pen-tester and ethical hacker with over 9 years of IT experience, bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors (such as Microsoft, Yahoo, Sony, AVG, Bitdefender, Facebook and many more) and was successfully acknowledged by them.


Certifications: 

- OSCP

- CEH (Certified Ethical Hacker)

- GPEN

- GWAPT

- CCNA and CCNA Security

- MCITP

- Advanced Linux&InfoSEC


Technical Skills:

Security: Application and network penetration testing, source code review, incident response, protocol analysis, fuzzing, reverse engineering, anti-DDoS, IDS.

Languages: PHP, JavaScript, Java SE, C++, C#, Python, Visual Basic, SQL, CMD, Bash scripts, Assembly.

Tools/Frameworks: Burp Suite, OWASP ZAP, Fiddler, OWASP Mantra, Acunetix, Netsparker, W3AF, Nikto, SqlMap, Sql Ninja, Xenotix XSS Exploit Framework, Metasploit Framework, VMware, VirtualBox, Wireshark, Tcpdump, Dominator, Fuzzers, DirBuster, joomscan, sslstrip, Ettercap, Arachni, Nessus, OllyDbg, Armitage, John the Ripper, etc.

Operating Systems: Expert knowledge of Windows and Unix operating systems.

Website CMS: WordPress, Joomla, Magento, etc.


© 2021 Udemy, Inc.