Hacking Android

Hacking Android

By : Srinivasa Rao Kotipalli

Buy this Book

Hacking Android

By: Srinivasa Rao Kotipalli

Buy this Book

Overview of this book

With the mass explosion of Android mobile phones in the world, mobile devices have become an integral part of our everyday lives. Security of Android devices is a broad subject that should be part of our everyday lives to defend against ever-growing smartphone attacks. Everyone, starting with end users all the way up to developers and security professionals should care about android security. Hacking Android is a step-by-step guide that will get you started with Android security. You’ll begin your journey at the absolute basics, and then will slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. On this journey you’ll get to grips with various tools and techniques that can be used in your everyday pentests. You’ll gain the skills necessary to perform Android application vulnerability assessment and penetration testing and will create an Android pentesting lab.

Hacking Android

Credits

About the Authors

About the Reviewer

www.PacktPub.com

Preface

Free Chapter

Setting Up the Lab

Installing the required tools

Summary

Android Rooting

What is rooting?

Locked and unlocked boot loaders

Stock recovery and Custom recovery

Rooting Process and Custom ROM installation

Rooting a Samsung Note 2

Flashing the Custom ROM to the phone

Summary

Fundamental Building Blocks of Android Apps

Basics of Android apps

Android app components

Building DEX files from the command line

What happens when an app is run?

Understanding app sandboxing

Summary

Overview of Attacking Android Apps

Introduction to Android apps

Understanding the app's attack surface

Threats at the client side

Threats at the backend

Guidelines for testing and securing mobile apps

Automated tools

Identifying the attack surface

QARK (Quick Android Review Kit)

Summary

Data Storage and Its Security

What is data storage?

User dictionary cache

Insecure data storage – NoSQL database

Backup techniques

Being safe

Summary

Server-Side Attacks

Different types of mobile apps and their threat model

Mobile applications server-side attack surface

Strategies for testing mobile backend

Summary

Client-Side Attacks – Static Analysis Techniques

Attacking application components

Static analysis using QARK:

Summary

Client-Side Attacks – Dynamic Analysis Techniques

Automated Android app assessments using Drozer

Introduction to Cydia Substrate

Runtime monitoring and analysis using Introspy

Hooking using Xposed framework

Dynamic instrumentation using Frida

Logging based vulnerabilities

WebView attacks

Summary

Android Malware

What do Android malwares do?

Writing Android malwares

Registering permissions

Malware analysis

Tools for automated analysis

Summary

Attacks on Android Devices

MitM attacks

Dangers with apps that provide network level access

Using existing exploits

Malware

Bypassing screen locks

Pulling data from the sdcard

Summary

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Chapter 1. Setting Up the Lab

In this chapter, we will set up a lab with all the tools that are required for the rest of the book. This first chapter is an essential part of the book for those who are new to Android security. It will help us to have an arsenal of tools required for Android security in one place. These are some of the major topics that we will discuss in this chapter:

Setting up the Android environment
Installing the tools required for app assessments
Installing the tools required for assessing the security of the mobile backend
Installing vulnerable apps
An introduction to Android Debug Bridge (adb)

Hacking Android

By : Srinivasa Rao Kotipalli

Hacking Android

By: Srinivasa Rao Kotipalli

Overview of this book

Related Content you might be interested in

Current Title:

Hacking Android

Chapter 1. Setting Up the Lab