Discover new courses and celebrate learning with us today. 🎓

Development

Web Development

Exploiting Android Apps for beginners - Check Apps Security

Learn essential Android security concepts, tools, and techniques in this hands-on course focused on mobile app security for developers and analysts.

4.9

315,475 rating
11 Lessons
229 Students
Last updated 4 months ago

By Toshendra Sharma

via Udemy

Go To Course

Brief Summary

This course dives into the world of mobile app security, especially focusing on Android. It mixes theory with practical tools and techniques to help you understand and analyze Android applications effectively, including security measures and pentesting strategies.

Key Points

Balance of theory and hands-on experience
Tools for analyzing mobile applications
Focus on Android OS architecture and security
Discussion of pentesting and malware analysis
Best practices for mobile app security

Learning Outcomes

Understand Android's architecture and how it impacts security
Get comfortable with tools for security analysis and reverse engineering
Learn to pentest Android apps with practical techniques
Identify common security issues like data leakage
Adopt best practices to secure Android applications

About This Course

Has the right balance of theory and hands-on. Good set of tools discussed. Offered by leaders in Mobile App Security.

If you at any point of time in your career or academia surfaced information security, you know for a fact that security analysis is not only about thorough understanding of a system but also includes a good list of tools and techniques to analyze that particular system. Unlike network and web, mobile security is a recent phenomenon. In order to analyze mobile application, one should understand the underlying architecture, security model, development frameworks and the relevant tools.

This course deals with applications within the most widely used mobile OS, Android. The course introduces underlying Android architecture, its permission model and the default security measures in place. It deals with developer tools like Eclipse, Android Studio, Android Debug Bridge or ADB, UI Automator and Monkey Runner, along with tools and techniques for Network Analysis.

As a part of reversing and malware analysis, static and dynamic techniques have been discussed. Pentesting an Android App is has also been discussed. Issues like unintended data leakage, insecure data storage and tools like Burp Intruder & Metasploit have also been covered. The course concludes by discussing Android best practices for security.

To conclude, this course deals with Android security concepts and discusses the relevant tools in detail to exploit an Android application.

Understand Android's Architecture and Security Model
Get familiar with tools for development, reverse engineering and security analysis
Pentesting Android Apps

Course Curriculum

Introduction

13 Lectures

Importance of Information Security

Mobile First and State of the Art Product Design

Need for Mobile Security and OWASP Top 10

Basic Terminologies in Information Security

About CIA Triad

Introduction to Cryptography

Hashing and Digital Signature

Digital Certificates and PKI

TLS_SSL_Protocol and Handshake Process

DoS and DDoS attack

Password Security

Access Control

Android Architecture and Security Model

10 Lectures

A Brief about Android

Android Bootup Process

Android Architecture

Android Data Structure and File system

Android Logging and Logcat

Android Apps

Android Security Model

Android Permissions

Security Compliance w.r.t. Android Framework and Java

Google Bouncer

Getting Familiar with Android Developer Tools

3 Lectures

Eclipse IDE and Andorid Studio

Android Debug Bridge

UIAutomator and MonkeyRunner

Interacting with an Android Device

6 Lectures

Difference between an Android device and an Emulator

Interacting with Android device via USB

Rooting Android Device

BusyBox

Android Network Analysis

6 Lectures

Setting up a Proxy for Android Emulator

Setting Up a Proxy for Android Device

Installing CA Certificate

MITM and SSL MITM Attacks: PART 1

MITM and SSL MITM attacks PART 2

Data Manipulation

Android Reversing and Malware Analysis

10 Lectures

APK Files in a Nut Shell

Intro to Reverse Engineering

Reversing to Get the Source Code

Using APKTool for Reverse Engineering

Introduction to Android Malwares

Dynamic vs Static Analysis

Static Analysis of Android Malwares

Introduction to Android Tamer

Dynamic Analysis with DroidBox

Dynamic Analysis of Android Malwares

Android Application Pentesting and Exploitation

12 Lectures

Introduction to Android Pentests

Fuzzing Android Apps with Burp Proxy

Fuzzing Android Apps with Burp Intruder

Attacking authentication

Content Provider Leakage

Client Side Injection

Insecure Data Storage - Shared Preferences

Insecure Data Storage - SQLite Databases

Unintended Data Leakage

Broken Cryptography

Automated Security Assessments with Drozer

Exploiting Android Devices Using Metasploit

Android Device and Data Security

3 Lectures

Android Device Protection

Bypassing Android Locks

Android Data Extraction

Using Android as a Pentesting Tool

3 Lectures

A Look into Commonly used Hacking and Pentesting Apps

PWN Pad on Nexus 7

Kali Linux on Android

Conclusion

2 Lectures

Android Security Practices

Course Summary and Revision

Instructor

Toshendra Sharma

4.9

315,475 Reviews
345 Students
34 Course

I am a founder & CEO of RecordsKeeper, a Blockchain-based record keeping solution for businesses. Earlier, I founded Appvigil (Wegilant) in Nov 2011 while pursuing my Masters in Application Security from IIT Bombay, India. Appvigil is the Mobile App Vulnerability Scanner on Cloud. Appvigil also offers security audit services for mobile devices and applications, and compliance with IT regulations. I...

More Courses By Toshendra Sharma

Ethical Hacking For Beginners - Practical Approach

4.9

(230)

Blockchain Basics: A Practical Approach

4.9

(230)

MultiChain: How To Setup A Private Blockchain Using AWS EC2

4.9

(230)

Build Blockchain Applications: Proof-Of-Existence

4.9

(230)

API Blueprint - Design API Specs & Create Docs in Seconds

4.9

(230)

Review

4.9 course rating

4K ratings

Zhaoming Y.

5.0

5 years ago

very useful general introduction

Helpful
Not helpful

Sandeep

5.0

8 years ago

Good explanation.

Helpful
Not helpful

Raju A.

3.5

8 years ago

I think instructor could have done better if he reviews his own lectures. Some mistakes found explaining concepts. Else tried his best to explain things.

Helpful
Not helpful

Tonio B.

3.0

9 years ago

After several lectures, I still have not learned nearly anything about mobile apps or devices. Why doesn't he get into the topic of the course already? The subtitle of the course says this is an advanced course. I don't need to learn about why information security is important because I already expressed my understanding of that by buying this course.

I have only seen the first two of three videos, so I am hoping that this general overview part will end soon. That is what I expect. The instructor seems smart and is understandable.

Helpful
Not helpful

Ratings

This course includes:

54.5 hours on-demand video
3 articles
249 downloadable resources
Access on mobile and TV
Full lifetime access
Certificate of completion

Courses You May Like

Lorem ipsum dolor sit amet elit

Show More Courses

Become a Certified Web Developer: HTML, CSS and JavaScript

4.9

(230)

By: Carolyn Welborn

Exploiting Android Apps for beginners - Check Apps Security

Brief Summary

Key Points

Learning Outcomes

About This Course

Course Curriculum