Android Security and Penetration Testing

  1. Advanced Security Topics
    1. Reverse Engineering Native Code (ARM/ARM64)
      1. Disassembling with Ghidra
        1. Project Setup
        2. Code Analysis
        3. Function Identification
      2. Disassembling with IDA Pro
        1. Database Creation
        2. Cross-references
        3. Debugging Setup
      3. Static Analysis of Native Libraries
        1. Symbol Analysis
        2. String Analysis
        3. Control Flow Analysis
      4. Dynamic Debugging of Native Code
        1. Using GDB
          1. Breakpoint Setting
          2. Memory Examination
        2. Using LLDB
          1. Process Attachment
          2. Register Analysis
      5. ARM Assembly Fundamentals
        1. Instruction Set Architecture
        2. Calling Conventions
        3. Memory Layout
    2. Obfuscation and Anti-Reversing Techniques
      1. Code Obfuscation
        1. ProGuard
          1. Configuration
          2. Optimization Rules
        2. R8
          1. Advanced Shrinking
          2. Optimization Techniques
        3. String Encryption
          1. Custom Encoding Schemes
          2. Runtime Decryption
      2. Anti-Debugging and Anti-Emulation Checks
        1. Debugger Detection
          1. PTRACE Detection
          2. Debug Flag Checks
        2. Emulator Detection
          1. Hardware Fingerprinting
          2. Environment Checks
      3. Root Detection and Bypass Techniques
        1. Common Root Detection Methods
          1. Binary Checks
          2. Property Checks
        2. Bypassing Root Checks
          1. Hook-based Bypass
          2. Binary Modification
      4. Control Flow Obfuscation
        1. Dead Code Insertion
    3. System-Level Security
      1. Android Verified Boot (AVB)
        1. Boot Integrity Verification
        2. Rollback Protection
        3. Hash Tree Verification
      2. TrustZone and Trusted Execution Environment (TEE)
        1. Secure World vs. Normal World
        2. Trusted Applications
        3. Secure Monitor
      3. KeyStore and Keymaster HAL
        1. Secure Key Storage
        2. Hardware-backed Security
        3. Key Attestation
      4. Gatekeeper and Fingerprint HAL
        1. Biometric Authentication
        2. Secure User Verification
        3. Template Storage
      5. Hardware Security Module (HSM)
        1. Secure Element Integration
    4. Android Forensics
      1. Data Acquisition Methods
        1. Logical Acquisition
          1. ADB-based Extraction
          2. Application Data Extraction
        2. Physical Acquisition
          1. JTAG
          2. Chip-off
      2. Filesystem Analysis
        1. Partition Structure
          1. System Partition
          2. Data Partition
          3. Boot Partition
        2. File Carving
          1. Deleted File Recovery
          2. Fragment Analysis
      3. Artifact Recovery
        1. Deleted Data Recovery
        2. App-specific Artifact Extraction
        3. Timeline Analysis
      4. Memory Forensics
        1. RAM Acquisition
        2. Memory Analysis Tools
      5. Network Forensics
        1. Traffic Reconstruction
        2. Protocol Analysis