Index
A
- acceptance tests / Testing the basics
- access control, software security / Software security terms
- AccountManager class
- about / AccountManager
- using / AccountManager
- activity
- about / Intents
- Activity.runOnUiThread() method
- about / UI testing and TouchUtils
- ActivityInstrumentationTestCase2 class
- about / The test case classes
- activity lifecycle methods / Instrumentation
- activity test
- creating / Creating an activity test
- unit test, creating / Creating a unit test
- functional test, creating / Creating a functional test
- executing / Getting the results
- ActivityTestCase class
- about / The test case classes
- ActivityUnitTestCase class
- about / The test case classes
- addMonitor method / Instrumentation
- Allocation Tracker tab
- displaying / Allocation Tracker
- All pairs testing technique / Testing the basics
- Android
- about / The mobile environment
- Android application
- testing / Testing in Android
- Android application package (APK) / Permissions
- Android Application Sandbox / An overview of Android security
- Android Debug Bridge (adb) / Spoon
- Android instrumentation
- about / Instrumentation
- Android Mock
- about / Android Mock
- URL / Android Mock
- Android SDK
- used, for testing Android application / Testing in Android
- Android security
- overview / An overview of Android security
- features / An overview of Android security
- Android Studio
- about / Android Studio
- URL, for documentation / Getting help
- help, obtaining / Getting help
- Android Virtual Device (AVD)
- about / The uiautomatorviewer tool
- API
- about / Permissions
- app
- about / The mobile environment
- Appium
- application layer
- about / HTTPS
- application sandboxing / An overview of Android security
- Assert class
- about / The Assert class and method
- ViewAsserts class / The ViewAsserts class
- MoreAsserts class / The MoreAsserts class
- assertEquals method / The Assert class and method
- assertFalse method / The Assert class and method
- assert method
- about / The Assert class and method
- assertEquals method / The Assert class and method
- assertTrue method / The Assert class and method
- assertFalse method / The Assert class and method
- assertNull method / The Assert class and method
- assertNotNull method / The Assert class and method
- assertSame method / The Assert class and method
- assertNotSame method / The Assert class and method
- fail method / The Assert class and method
- assertNotNull method / The Assert class and method
- assertNotSame method / The Assert class and method
- assertNull method / The Assert class and method
- assertSame method / The Assert class and method
- assertTrue method / The Assert class and method
- asymmetric cryptography, software security / Software security terms
- asymmetric encryption
- about / Encryption
- authentication, software security / Software security terms
- authentication factors
- knowledge factor / The knowledge factor
- possession factor / The possession factor
- inherence factor / The inherence factor
- availability, software security / Software security terms
B
- basis path testing / Testing the basics
- biometric authentication
- about / The inherence factor
- biometric identifiers
- physiological characteristics / The inherence factor
- behavioral characteristics / The inherence factor
- black-box testing
- about / Testing the UI
- black-box tests
- about / Testing the basics
- black-box tests, techniques
- equivalence partitioning / Testing the basics
- boundary value analysis / Testing the basics
- state transition testing / Testing the basics
- all pairs testing / Testing the basics
- syntax testing / Testing the basics
- bot-bot
- bot-bot recorder
- about / Bot-bot
- bot-bot runner
- about / Bot-bot
- bot-bot server
- about / Bot-bot
- boundary value analysis technique / Testing the basics
- broadcast messages, types
- broadcast receivers
- about / Intents
- brute force, software security / Software security terms
C
- Calabash
- about / Calabash
- categories, developer options
- General / Developer options
- Debugging / Developer options
- Input / Developer options
- Drawing / Developer options
- Hardware accelerated rendering / Developer options
- Monitoring / Developer options
- Apps / Developer options
- Cause-effect graphing technique / Testing the basics
- certificate
- about / Server and client certificates
- creating / Server and client certificates
- using / Server and client certificates
- certificate.crt file / Keytool in the terminal
- Certificate Authority (CA) / Code examples using HTTPS
- certificates
- about / An overview of Android security
- Cipher, software security / Software security terms
- code injection, software security / Software security terms
- confidentiality, software security / Software security terms
- Console
- about / Debugging and DDMS
- content provider
- testing / Service and content provider testing
- content providers
- about / Content providers
- URL, for official documentation / Content providers
- securing / Securing the content providers
- securing, precautions / Securing the content providers
- control flow testing / Testing the basics
- crack, software security / Software security terms
- cryptographic keys
- about / The possession factor
D
- .db file
- about / The database storage
- dangerous permission level
- about / Permissions
- data
- storing, encryption used / Using encryption to store data
- database storage
- about / The database storage
- Data Encryption Standard (DES)
- about / SSL and TLS
- data flow testing / Testing the basics
- data privacy
- about / Data privacy
- DDMS
- about / Debugging and DDMS
- debugger
- about / Debugging and DDMS
- debugging
- about / Debugging and DDMS
- decryption, software security / Software security terms
- Denial-of-service (DoS) / Software security terms
- developer options
- about / Developer options
- categories / Developer options
- Device View
- about / Spoon
- Dictionary attack / Software security terms
- Distributed denial-of-service (DDoS) / Software security terms
- doFinal method
- about / Encryption
E
- electronic commerce (e-commerce) / Software security terms
- Emulator Control tab
- about / Emulator Control
- Telephony Status / Emulator Control
- Telephony Actions / Emulator Control
- Location Controls / Emulator Control
- encryption / Software security terms
- about / Encryption
- symmetric encryption / Encryption
- asymmetric encryption / Encryption
- key, generating / Generating a key
- used, for storing data / Using encryption to store data
- encryption methods
- using / The encryption methods
- Equivalence partitioning technique / Testing the basics
- Espresso
- exclusive time / Method profiling
- expect-run-verify pattern / Mockito
- external storage
- about / Files in the external storage
- public files / Files in the external storage
- private files / Files in the external storage
F
- fabrication, threat / Threat
- fail method / The Assert class and method
- features, Android security
- application-defined permissions / An overview of Android security
- interprocess communication / An overview of Android security
- support for secure networking / An overview of Android security
- support for cryptography / An overview of Android security
- encrypted file system / An overview of Android security
- application signing / An overview of Android security
- FEST
- reference link / FEST Android
- FEST Android
- about / FEST Android
- URL / FEST Android
- File Explorer tab
- about / File Explorer
- FTP
- about / HTTPS
- functional test
- creating / Creating a functional test
- setting up / The functional test setup
- UI test method, implementing / The UI test
- activity Intent test method, implementing / The activity Intent test
- state management test method, implementing / The state management test
- functional testing
- about / Testing activities
- tools, using / Tools for functional testing
G
- garbage collector (GC)
- about / Heap
- Genymotion
- about / Genymotion
- URL / Genymotion
- getAccountsByName method
- about / AccountManager
- getActivity() method
- about / Instrumentation, The unit test setup
- getContentResolver().query() method
- about / Content providers
- getContentResolver().query() method, parameters
- content URI / Content providers
- projection / Content providers
- selection / Content providers
- selection arguments / Content providers
- sort order / Content providers
- getInstrumentation() method
- about / Instrumentation
- getPreferences() method
- about / Shared preferences
- getSharedPreferences() method
- about / Shared preferences
- getTargetContext method / Instrumentation
- getUiDevice() method
- about / The UiDevice class
- Graphics Processing Unit (GPU) / Developer options
H
- hash function / Software security terms
- Heap tab
- displaying / Heap
- help, Android Studio
- obtaining / Getting help
- Hijack attack / Software security terms
- HTTP
- versus, HTTPS / HTTPS
- HTTPS
- about / HTTPS
- versus, HTTP / HTTPS
- SSL / SSL and TLS
- TLS / SSL and TLS
- certificate, creating / Server and client certificates
- Keytool / Keytool in the terminal
- Android Studio / Android Studio
- examples / Code examples using HTTPS
- Hypertext Transfer Protocol Secure (HTTPS) / Software security terms
I
- inclusive time / Method profiling
- inherence factor
- about / The knowledge factor, The inherence factor
- init method / Encryption
- input validation
- about / Input validation
- SQL injection / SQL injection
- instrumentation
- about / Instrumentation
- Instrumentation class
- URL, for documentation / Instrumentation
- addMonitor method / Instrumentation
- activity lifecycle methods / Instrumentation
- getTargetContext method / Instrumentation
- startActivitySync method / Instrumentation
- waitForIdleSync method / Instrumentation
- InstrumentationTestCase class
- about / The test case classes
- integration tests / Testing the basics
- integrity, software security / Software security terms
- intents
- Intents
- securing / Securing Intents
- vulnerabilities / Securing Intents
- Intent spoofing
- about / Securing Intents
- interapplication communication
- about / Interapplication communication, Interapplication communication
- intents / Intents
- content providers / Content providers
- Intents, securing / Securing Intents
- content providers, securing / Securing the content providers
- interception, threat / Threat
- internal storage
- about / Files in the internal storage
- International Mobile Station Equipment Identity (IMEI)
- about / Data privacy
- Internet Assigned Numbers Authority (IANA)
- about / Input validation
- internet layer
- about / HTTPS
- interruption, threat / Threat
J
- Java Development Kit (JDK)
- about / Server and client certificates
- JUnit
- about / Testing in Android
- JVM
- about / Testing in Android
- Android application, testing on / Testing in Android
K
- key
- generating, for encryption / Generating a key
- KeyGenerator class / Generating a key
- Keytool
- keytool command
- -genkey parameter / Keytool in the terminal
- -keyalg parameter / Keytool in the terminal
- -alias parameter / Keytool in the terminal
- -keystore parameter / Keytool in the terminal
- -storepass parameter / Keytool in the terminal
- -validity parameter / Keytool in the terminal
- -keysize parameter / Keytool in the terminal
- knowledge factor
- username/password / The knowledge factor
- pattern / The knowledge factor
- PIN / The knowledge factor
L
- link layer
- about / HTTPS
- LogCat
- about / Debugging and DDMS
- login implementations
- about / Login implementations
M
- Man-in-the-middle attack / Software security terms
- MD5, software security / Software security terms
- Media Access Control (MAC) / HTTPS
- media availability
- testing / Media availability
- method profiling tool
- about / Method profiling
- mobile environment
- about / The mobile environment
- mock() method / Mockito
- Mockito
- mock object classes
- about / The mock object classes
- MockApplication class / The mock object classes
- MockContext class / The mock object classes
- MockContentProvider class / The mock object classes
- MockCursor class / The mock object classes
- MockDialogInterface class / The mock object classes
- MockPackageManager class / The mock object classes
- MockResources class / The mock object classes
- MockContentResolver class / The mock object classes
- mode flag, internal storage
- MODE_PRIVATE / Files in the internal storage
- MODE_APPEND / Files in the internal storage
- MODE_WORLD_READABLE / Files in the internal storage
- MODE_WORLD_WRITEABLE / Files in the internal storage
- modification, threat / Threat
- Monkey
- MonkeyTalk
- about / MonkeyTalk
- URL, for downloading / MonkeyTalk
- MoreAsserts class / The Assert class and method
- about / The MoreAsserts class
- assertContainsRegex() method / The MoreAsserts class
- assertContentsInAnyOrder() method / The MoreAsserts class
- assertContentsInOrder() method / The MoreAsserts class
- assertEmpty() method / The MoreAsserts class
- assertEquals() method / The MoreAsserts class
- assertMatchesRegex() method / The MoreAsserts class
- URL / The MoreAsserts class
- multifactor authentication
- about / Multifactor authentication
- MyPrefsFile file / Shared preferences
- MyReadablePrefsFile file / Shared preferences
- MyWriteablePrefsFile file / Shared preferences
- my_keystore.jks file / Keytool in the terminal
N
- network access
- testing / Network access
- Network Statistics tab
- displaying / Network Statistics
- normal broadcast
- about / Intents
- normal permission level
- about / Permissions
O
- onCreate method / Instrumentation
- openFileOutput() method
- about / Files in the internal storage
- open source software (OSS)
- about / HTTPS
- operating mode, shared preferences
- MODE_PRIVATE / Shared preferences
- MODE_WORLD_READABLE / Shared preferences
- operating system (OS)
- about / The mobile environment
- ordered broadcast
- about / Intents
- orientation changes
- testing / Change in orientation
- OSI model
P
- -p parameter / Monkey
- password, software security / Software security terms
- pattern
- about / The knowledge factor
- Pattern class
- DOMAIN_NAME pattern / Input validation
- EMAIL_ADDRESS pattern / Input validation
- IP_ADDRESS pattern / Input validation
- PHONE pattern / Input validation
- TOP_LEVEL_DOMAIN pattern / Input validation
- WEB_URL pattern / Input validation
- PBKDF2 algorithm / Using encryption to store data
- permission level
- normal / Permissions
- dangerous / Permissions
- signature / Permissions
- signatureOrSystem / Permissions
- permissions
- about / Permissions, Permissions
- phishing, software security / Software security terms
- physical layer
- about / HTTPS
- PIN
- about / The knowledge factor
- possession factor
- about / The possession factor
- private files
- about / Files in the external storage
- public files
- about / Files in the external storage
R
- regular expressions
- URL, for documentation / Input validation
- resourceId method / The UI test project
- risk, software security
- about / Software security terms, Risk
- Robolectric
- about / Robolectric
- URL / Robolectric
- Robotium
S
- Screenshot feature
- about / Spoon
- SecretKeySpec class / Generating a key
- secure code-design, principles
- secure defaults / Secure code-design principles
- least privileges / Secure code-design principles
- clarity / Secure code-design principles
- small surface area / Secure code-design principles
- strong defense / Secure code-design principles
- failing securely / Secure code-design principles
- third-party companies, not trusting / Secure code-design principles
- simplicity / Secure code-design principles
- Address vulnerabilities / Secure code-design principles
- SecureRandom class / Generating a key
- security testing
- about / Testing the basics
- white-box tests / Testing the basics
- black-box tests / Testing the basics
- sensitive data
- about / Data privacy
- service
- about / Intents
- services
- testing / Service and content provider testing
- setUp() method
- about / The test case methods
- SHA1, software security / Software security terms
- shared preferences
- about / Shared preferences
- signatureOrSystem permission level
- about / Permissions
- signature permission level
- about / Permissions
- smartphone
- about / The mobile environment
- vulnerabilities / The mobile environment
- SMTP
- about / HTTPS
- sniffing attack, software security / Software security terms
- spoofing attack / Software security terms
- Spoon
- spoon-client.jar library
- about / Spoon
- SQL
- about / Content providers
- SQL injection
- about / SQL injection
- SSL
- about / HTTPS, SSL and TLS
- SSL 3.0
- about / SSL and TLS
- SSL connection
- establishing / SSL and TLS
- SSLHandshakeException
- about / Code examples using HTTPS
- startActivitySync method / Instrumentation
- Statement coverage / Testing the basics
- State transition testing technique / Testing the basics
- sticky broadcast
- about / Intents
- storage options
- shared preferences / Data privacy, Shared preferences
- internal storage / Data privacy, Files in the internal storage
- external storage / Data privacy, Files in the external storage
- database storage / Data privacy, The database storage
- symmetric cryptography / Software security terms
- symmetric encryption
- about / Encryption
- Syntax testing technique / Testing the basics
- System Information tab
- about / System Information
- system tests / Testing the basics
T
- TCP/IP model
- tcpdump / Wireshark
- tearDown() method
- about / The test case methods
- terms, software security
- access control / Software security terms
- asymmetric cryptography / Software security terms
- authentication / Software security terms
- authorization / Software security terms
- availability / Software security terms
- brute force / Software security terms
- Cipher / Software security terms
- code injection / Software security terms
- confidentiality / Software security terms
- crack / Software security terms
- decryption / Software security terms
- Denial-of-service (DoS) / Software security terms
- Distributed denial-of-service (DDoS) / Software security terms
- Dictionary attack / Software security terms
- encryption / Software security terms
- hash function / Software security terms
- Hijack attack / Software security terms
- Hypertext Transfer Protocol Secure (HTTPS) / Software security terms
- Integrity / Software security terms
- MD5 / Software security terms
- Man-in-the-middle attack / Software security terms
- passwords / Software security terms
- phishing / Software security terms
- risk / Software security terms
- SHA1 / Software security terms
- Sniffing attack / Software security terms
- spoofing attack / Software security terms
- symmetric cryptography / Software security terms
- threat / Software security terms
- vulnerability / Software security terms
- TestCase class
- about / The test case classes
- setUp() method / The test case methods
- tearDown() method / The test case methods
- test case classes
- about / The test case classes
- TestCase class / The test case classes
- InstrumentationTestCase class / The test case classes
- ActivityTestCase class / The test case classes
- ActivityInstrumentationTestCase2 class / The test case classes
- ActivityUnitTestCase class / The test case classes
- test case methods
- about / The test case methods
- testing, Android application
- on JVM / Testing in Android
- Android SDK, using / Testing in Android
- testing, content provider
- testing, media availability
- about / Media availability
- testing, network access
- about / Network access
- testing, orientation changes
- about / Change in orientation
- testing, services
- testing activities
- functional testing / Testing activities
- unit testing / Testing activities
- test case classes / The test case classes
- instrumentation / Instrumentation
- test case methods / The test case methods
- Assert class / The Assert class and method
- assert method / The Assert class and method
- UI testing / UI testing and TouchUtils
- TouchUtils / UI testing and TouchUtils
- mock object classes / The mock object classes
- testing levels
- unit tests / Testing the basics
- integration tests / Testing the basics
- validation tests / Testing the basics
- system tests / Testing the basics
- acceptance tests / Testing the basics
- Test View
- about / Spoon
- Threads tab
- about / Threads
- threat
- three-factor authentication
- about / Multifactor authentication
- Time-based One-Time Password (TOTP)
- about / The possession factor
- TLS
- about / HTTPS, SSL and TLS
- tools
- Genymotion / Genymotion
- tools, functional testing
- Robotium / Tools for functional testing, Robotium
- Espresso / Tools for functional testing, Espresso
- Appium / Tools for functional testing, Appium
- Calabash / Tools for functional testing, Calabash
- MonkeyTalk / Tools for functional testing, MonkeyTalk
- Bot-bot / Tools for functional testing
- Monkey / Tools for functional testing, Monkey
- Wireshark / Tools for functional testing, Wireshark
- bot-bot / Bot-bot
- tools, unit testing
- Spoon / Tools for unit testing, Spoon
- Mockito / Tools for unit testing, Mockito
- Android Mock / Tools for unit testing, Android Mock
- FEST Android / Tools for unit testing, FEST Android
- Robolectric / Tools for unit testing, Robolectric
- TouchUtils
- about / UI testing and TouchUtils
- TouchUtils class
- clickView method / UI testing and TouchUtils
- drag method / UI testing and TouchUtils
- dragQuarterScreenDown method / UI testing and TouchUtils
- dragViewBy method / UI testing and TouchUtils
- dragViewTo method / UI testing and TouchUtils
- dragViewToTop method / UI testing and TouchUtils
- longClickView method / UI testing and TouchUtils
- scrollToTop method / UI testing and TouchUtils
- scrollToBottom method / UI testing and TouchUtils
- TrafficStats class
- about / Network Statistics
- transport layer
- about / HTTPS
- TrustManager class / Code examples using HTTPS
- two-factor authentication
- about / Multifactor authentication
U
- @UiThreadTest() method
- about / UI testing and TouchUtils
- uiautomator.jar library
- about / The uiautomator API
- uiautomator API
- about / Testing the UI, The uiautomator API
- UiDevice class / The UiDevice class
- UiSelector class / The UiSelector class
- UiObject class / The UiObject class
- UiCollection class / The UiCollection class
- UiScrollable class / The UiScrollable class
- uiautomatorviewer tool
- about / The uiautomatorviewer tool
- UiCollection class
- about / The UiCollection class
- getChildByDescription(UiSelector childPattern,String text) method / The UiCollection class
- getChildByInstance(UiSelector childPattern, int instance) method / The UiCollection class
- getChildByText(UiSelector childPattern, String text) method / The UiCollection class
- getChildCount(UiSelector childPattern) method / The UiCollection class
- UiDevice class
- about / The UiDevice class
- click(int x, int y) method / The UiDevice class
- getDisplaySizeDp() method / The UiDevice class
- pressBack() method / The UiDevice class
- pressHome() method / The UiDevice class
- sleep() method / The UiDevice class
- takeScreenshot(File storepath) method / The UiDevice class
- wakeUp() method / The UiDevice class
- UiObject class
- about / The UiObject class
- click() method / The UiObject class
- exists() method / The UiObject class
- getText() method / The UiObject class
- isChecked() method / The UiObject class
- setText(String text) method / The UiObject class
- UiScrollable class
- about / The UiScrollable class
- scrollBackward() method / The UiScrollable class
- scrollForward() method / The UiScrollable class
- scrollToBeginning() method / The UiScrollable class
- scrollToEnd() method / The UiScrollable class
- UiSelector class
- about / The UiSelector class
- checked(boolean val) method / The UiSelector class
- childSelector(UiSelector selector) method / The UiSelector class
- className(String className) method / The UiSelector class
- resourceID(String id) method / The UiSelector class
- text(String text) method / The UiSelector class
- UI test cases
- executing / Running UI test cases
- UI testing
- about / Testing the UI, UI testing and TouchUtils
- white-box testing / Testing the UI
- black-box testing / Testing the UI
- uiautomator API / The uiautomator API
- uiautomatorviewer tool / The uiautomatorviewer tool
- UI test project
- creating / The UI test project
- UI thread
- about / Threads
- unauthorized Intent receipt
- about / Securing Intents
- unit test
- creating / Creating a unit test
- setting up / The unit test setup
- clock test method, implementing / The clock test
- layout test method, implementing / The layout test
- activity Intent test method, implementing / The activity Intent test
- unit testing
- about / Testing activities
- tools, using / Tools for unit testing
- unit tests / Testing the basics
- unknown CA
- solving / Code examples using HTTPS
- user's data and credentials
- handling / Handling a user's data and credentials
- handling, considerations / Handling a user's data and credentials
- user ID (UID) / An overview of Android security
- user interface (UI)
- about / Threads
- username/password
- about / The knowledge factor
V
- -v parameter / Monkey
- validation tests / Testing the basics
- values, method profiling tool
- exclusive time / Method profiling
- inclusive time / Method profiling
- verify() method / Mockito
- ViewAsserts class / The Assert class and method
- about / The ViewAsserts class
- URL / The ViewAsserts class
- assertBottomAligned() method / The ViewAsserts class
- assertLeftAligned() method / The ViewAsserts class
- assertRightAligned() method / The ViewAsserts class
- assertTopAligned() method / The ViewAsserts class
- assertGroupContains () method / The ViewAsserts class
- assertGroupNotContains() method / The ViewAsserts class
- assertHasScreenCoordinates() method / The ViewAsserts class
- assertHorizontalCenterAligned() method / The ViewAsserts class
- assertVerticalCenterAligned() method / The ViewAsserts class
- assertOffScreenAbove() method / The ViewAsserts class
- assertOffScreenBelow() method / The ViewAsserts class
- assertOnScreen() method / The ViewAsserts class
- VirtualBox
- URL, for downloading / Genymotion
- vulnerabilities, Intents
- unauthorized Intent receipt / Securing Intents
- Intent spoofing / Securing Intents
- vulnerabilities, smartphone / The mobile environment
- vulnerability
- about / Software security terms, Vulnerability
- improper authentication / Vulnerability
- buffer overflow / Vulnerability
- cross-site scripting (XSS) / Vulnerability
- Input validation / Vulnerability
- SQL injection / Vulnerability
W
- waitForIdleSync method / Instrumentation
- when() method / Mockito
- white-box testing
- about / Testing the UI
- white-box tests
- about / Testing the basics
- white-box tests, techniques
- control flow testing / Testing the basics
- data flow testing / Testing the basics
- basis path testing / Testing the basics
- statement coverage / Testing the basics
- Wireshark
X
- X.509 certificate
- version / Server and client certificates
- serial number / Server and client certificates
- signature algorithm / Server and client certificates
- issuer / Server and client certificates
- validity / Server and client certificates
- subject / Server and client certificates
- subject public key / Server and client certificates