Android Security and Penetration Testing

  1. Common Android Vulnerabilities (OWASP Mobile Top 10, 2016 edition)
     1. M1: Improper Platform Usage
        1. Misuse of Platform Features
           1. Intent Misuse
           2. Permission Abuse
        2. Insecure Intent Usage
           1. Implicit Intents
           2. Intent Spoofing
        3. Keychain Misuse (an iOS example cited in OWASP's M1 description; the Android analogue is the Keystore)
           1. TouchID Misuse
     2. M2: Insecure Data Storage
        1. Unencrypted Storage
           1. SQLite Databases
           2. SharedPreferences
           3. Internal Storage
        2. Insecure External Storage Usage
           1. SD Card Storage
           2. Public Directories
        3. Logging Sensitive Data
           1. Keyboard Cache
           2. Copy/Paste Buffer Leaks
     3. M3: Insecure Communication
        1. Lack of Transport Encryption
           1. HTTP Usage
           2. Unencrypted Protocols
        2. Weak SSL/TLS Configuration
           1. Deprecated Protocols
           2. Weak Cipher Suites
        3. Certificate Validation Issues
           1. Mixed Content
     4. M4: Insecure Authentication
        1. Weak Authentication Mechanisms
           1. Poor Password Policies
           2. Weak Biometric Implementation
        2. Credential Leakage
           1. Hardcoded Credentials
           2. Credential Storage Issues
        3. Session Management Flaws
           1. Broken Multi-factor Authentication
     5. M5: Insufficient Cryptography
        1. Use of Deprecated Algorithms
           1. MD5 Usage
           2. DES Usage
        2. Poor Key Management
           1. Hardcoded Keys
           2. Weak Key Generation
        3. Insecure Random Number Generation
           1. Custom Cryptographic Implementations
     6. M6: Insecure Authorization
        1. Broken Access Controls
           1. Privilege Escalation
           2. Horizontal Privilege Escalation
        2. Client-side Authorization
           1. Insecure Direct Object References
           2. Function Level Access Control Issues
     7. M7: Client Code Quality
        1. Code Injection Vulnerabilities
           1. SQL Injection
           2. Command Injection
        2. Logic Flaws
           1. Business Logic Bypass
           2. Race Conditions
        3. Memory Corruption Issues
           1. Input Validation Failures
     8. M8: Code Tampering
        1. Lack of Integrity Checks
           1. Missing Code Signing Verification
           2. Runtime Application Self Protection (RASP) Absence
        2. Tamper Detection Bypass
           1. Binary Patching
           2. Method Hooking
     9. M9: Reverse Engineering
        1. Lack of Obfuscation
           1. Clear Text Code
           2. Readable String Resources
        2. Exposure of Sensitive Logic
           1. Algorithm Disclosure
           2. Business Logic Exposure
        3. Debug Information Leakage
           1. Symbol Table Exposure
     10. M10: Extraneous Functionality
        1. Debug Code in Production
           1. Debug Flags
           2. Test Endpoints
        2. Unintended Backdoors
           1. Hidden Functionality
           2. Developer Backdoors
        3. Unused Code Paths
           1. Administrative Interfaces
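Several of the categories above (exported components without a permission under M1, world-readable storage and logged secrets under M2, cleartext traffic under M3, MD5 and hardcoded keys under M5, concatenated SQL under M7, debuggable builds under M10) can be triaged from an unpacked APK before any dynamic testing. The script below is an added example, not code from the page or from OWASP, that runs such checks over a decompiled app's AndroidManifest.xml and Java source. The manifest and source it scans are constructed samples, the regex patterns are heuristics meant to surface candidates for manual review, and the finding strings are this example's own; the launcher activity is deliberately not flagged as an exported component, since it must be exported.

```python
"""Static triage for OWASP Mobile Top 10 (2016) categories over an unpacked APK.
Added example with constructed inputs; patterns are heuristics, not proof of a bug."""
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"


def _attr(el, name):
    """Read an android:* attribute from a manifest element."""
    return el.get(f"{{{ANDROID_NS}}}{name}")


def _is_launcher(comp):
    """True if the component declares the MAIN action (expected to be exported)."""
    return any(_attr(a, "name") == "android.intent.action.MAIN" for a in comp.iter("action"))


def check_manifest(manifest_xml):
    """Return (category, detail) findings from an AndroidManifest.xml string."""
    findings = []
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return findings
    if _attr(app, "debuggable") == "true":
        findings.append(("M10", "android:debuggable=true in manifest"))
    if _attr(app, "usesCleartextTraffic") == "true":
        findings.append(("M3", "android:usesCleartextTraffic=true permits plain HTTP"))
    if _attr(app, "allowBackup") == "true":
        findings.append(("M2", "android:allowBackup=true exposes app data via adb backup"))
    for comp in app:
        if comp.tag not in ("activity", "service", "receiver", "provider"):
            continue
        exported = _attr(comp, "exported")
        has_filter = comp.find("intent-filter") is not None
        # Before targetSdk 31 an intent-filter exports the component by default.
        if (exported == "true" or (exported is None and has_filter)) \
                and _attr(comp, "permission") is None and not _is_launcher(comp):
            findings.append(("M1", f"exported {comp.tag} {_attr(comp, 'name')} without a permission"))
    return findings


# (category, regex, description): heuristic source-level indicators, scanned per line.
SOURCE_PATTERNS = [
    ("M2", r"MODE_WORLD_(READABLE|WRITEABLE)", "world-readable/writable file or prefs mode"),
    ("M2", r"(?i)Log\.[dviwe]\(.*(password|token|secret)", "sensitive value written to logcat"),
    ("M3", r"[\"']http://", "hardcoded plain-HTTP URL"),
    ("M3", r"checkServerTrusted\s*\([^)]*\)\s*\{\s*\}", "empty checkServerTrusted (accepts any cert)"),
    ("M5", r"MessageDigest\.getInstance\(\s*\"MD5\"", "MD5 digest"),
    ("M5", r"Cipher\.getInstance\(\s*\"DES", "DES cipher"),
    ("M5", r"(?i)(api[_-]?key|secret|password)\s*=\s*\"[^\"]{8,}\"", "hardcoded credential or key"),
    ("M5", r"\bnew\s+(java\.util\.)?Random\(", "java.util.Random where SecureRandom belongs"),
    ("M7", r"rawQuery\(\s*\"[^\"]*\"\s*\+", "SQL built by string concatenation"),
    ("M7", r"Runtime\.getRuntime\(\)\.exec\(", "Runtime.exec call; check argument source"),
]


def check_source(source):
    """Return (category, line_number, detail) findings from decompiled source text."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for category, pattern, detail in SOURCE_PATTERNS:
            if re.search(pattern, line):
                findings.append((category, lineno, detail))
    return findings


def triage(manifest_xml, source):
    """Combine manifest and source findings, sorted by category for a report."""
    combined = check_manifest(manifest_xml)
    combined += [(cat, f"line {n}: {d}") for cat, n, d in check_source(source)]
    return sorted(combined)


# Constructed sample manifest (not a real app).
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
  <application android:debuggable="true" android:usesCleartextTraffic="true" android:allowBackup="true">
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".AdminActivity" android:exported="true"/>
    <receiver android:name=".SmsReceiver" android:exported="true" android:permission="android.permission.BROADCAST_SMS"/>
    <provider android:name=".DataProvider" android:exported="false"/>
  </application>
</manifest>
"""

# Constructed sample of decompiled source (not a real app).
SAMPLE_SOURCE = """\
package com.example.app;
public class LoginActivity {
    private static final String API_KEY = "sk_live_0123456789abcdef";
    void login(String user, String password) {
        Log.d("Login", "password=" + password);
        SharedPreferences p = getSharedPreferences("auth", MODE_WORLD_READABLE);
        String url = "http://api.example.com/login";
        MessageDigest md = MessageDigest.getInstance("MD5");
        Cursor c = db.rawQuery("SELECT * FROM users WHERE name = '" + user + "'", null);
    }
}
"""

if __name__ == "__main__":
    for category, detail in triage(SAMPLE_MANIFEST, SAMPLE_SOURCE):
        print(f"{category}: {detail}")
```

Every hit is a lead, not a verdict: an exported activity may be intended, and a plain-HTTP URL may be a documentation link, so confirm each finding against the component's behaviour on a device or emulator before reporting it.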