Find online courses made by experts from around the world.
Take your courses with you and learn anywhere, anytime.
Learn and practice real-world skills and achieve your goals.
If you at any point of time in your career or academia surfaced information security, you know for a fact that security analysis is not only about thorough understanding of a system but also includes a good list of tools and techniques to analyze that particular system. Unlike network and web, mobile security is a recent phenomenon. In order to analyze mobile application, one should understand the underlying architecture, security model, development frameworks and the relevant tools.
This course deals with applications within the most widely used mobile OS, Android. The course introduces underlying Android architecture, its permission model and the default security measures in place. It deals with developer tools like Eclipse, Android Studio, Android Debug Bridge or ADB, UI Automator and Monkey Runner, along with tools and techniques for Network Analysis.
As a part of reversing and malware analysis, static and dynamic techniques have been discussed. Pentesting an Android App is has also been discussed. Issues like unintended data leakage, insecure data storage and tools like Burp Intruder & Metasploit have also been covered. The course concludes by discussing Android best practices for security.
To conclude, this course deals with Android security concepts and discusses the relevant tools in detail to exploit an Android application.
Not for you? No problem.
30 day money back guarantee.
Learn on the go.
Desktop, iOS and Android.
Certificate of completion.
|Section 1: Introduction|
Importance of Information SecurityPreview
Mobile First and State of the Art Product DesignPreview
Need for Mobile Security and OWASP Top 10
Basic Terminologies in Information Security
About CIA Triad
Introduction to Cryptography
Hashing and Digital Signature
Digital Certificates and PKI
TLS_SSL_Protocol and Handshake Process
DoS and DDoS attack
|Section 2: Android Architecture and Security Model|
A Brief about Android
Android Bootup Process
Android Data Structure and File system
Android Logging and Logcat
Android Security Model
Security Compliance w.r.t. Android Framework and Java
|Section 3: Getting Familiar with Android Developer Tools|
Eclipse IDE and Andorid Studio
Android Debug Bridge
UIAutomator and MonkeyRunner
|Section 4: Interacting with an Android Device|
Difference between an Android device and an Emulator
Interacting with Android device via USB
Rooting Android Device
|Section 5: Android Network Analysis|
Setting up a Proxy for Android Emulator
Setting Up a Proxy for Android Device
Installing CA Certificate
MITM and SSL MITM Attacks: PART 1
MITM and SSL MITM attacks PART 2
|Section 6: Android Reversing and Malware Analysis|
APK Files in a Nut Shell
Intro to Reverse Engineering
Reversing to Get the Source Code
Using APKTool for Reverse Engineering
Introduction to Android Malwares
Dynamic vs Static Analysis
Static Analysis of Android Malwares
Introduction to Android Tamer
Dynamic Analysis with DroidBox
Dynamic Analysis of Android Malwares
|Section 7: Android Application Pentesting and Exploitation|
Introduction to Android Pentests
Fuzzing Android Apps with Burp Proxy
Fuzzing Android Apps with Burp Intruder
Content Provider Leakage
Client Side Injection
Insecure Data Storage - Shared Preferences
Insecure Data Storage - SQLite Databases
Unintended Data Leakage
Automated Security Assessments with Drozer
Exploiting Android Devices Using Metasploit
|Section 8: Android Device and Data Security|
Android Device Protection
Bypassing Android Locks
Android Data Extraction
|Section 9: Using Android as a Pentesting Tool|
A Look into Commonly used Hacking and Pentesting Apps
PWN Pad on Nexus 7
Kali Linux on Android
|Section 10: Conclusion|
Android Security Practices
Course Summary and Revision
I am a founder & CEO at RecordsKeeper, a Blokchain-based record keeping solution for businesses & individuals.
Earlier I founded Appvigil (Wegilant) in Nov 2011 along with pursuing my Masters in Application Security from IIT Bombay, India. Appvigil is the Mobile App Security Scanner on Cloud. Appvigil also offers security audit services for mobile devices and applications, and compliance of IT regulations. I was heading the team as Chief Executive Officer. Company has won NASSCOM Emerge 50 Award 2014 one of the biggest award in India. Company got incubation in IIT Bombay's Business Incubator SINE in August 2013.
During Wegilant & before that, I have trained 15000+ students in 5+ years across various college campuses in India. I have also written a book on AVR Micro-controller with the name "Robotics with AVR".
I was the part of Forbes India 30Under30 List of 2016 in Technology space.