Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Hacking Android
  • Table Of Contents Toc
  • Feedback & Rating feedback
Hacking Android

Hacking Android

By : Mohammed A. Imran, Rao Kotipalli
4.4 (5)
Buy this Book
close
close
Hacking Android

Hacking Android

4.4 (5)
By: Mohammed A. Imran, Rao Kotipalli
Buy this Book

Overview of this book

With the mass explosion of Android mobile phones in the world, mobile devices have become an integral part of our everyday lives. Security of Android devices is a broad subject that should be part of our everyday lives to defend against ever-growing smartphone attacks. Everyone, starting with end users all the way up to developers and security professionals should care about android security. Hacking Android is a step-by-step guide that will get you started with Android security. You’ll begin your journey at the absolute basics, and then will slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. On this journey you’ll get to grips with various tools and techniques that can be used in your everyday pentests. You’ll gain the skills necessary to perform Android application vulnerability assessment and penetration testing and will create an Android pentesting lab.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Setting Up the Lab
Icon
1. Setting Up the Lab
Icon
Installing the required tools
Icon
Android Studio
Icon
Setting up an AVD
Icon
Configuring the AVD
Icon
ADB Primer
Icon
Summary
2
2. Android Rooting
Icon
2. Android Rooting
Icon
What is rooting?
Icon
Locked and unlocked boot loaders
Icon
Stock recovery and Custom recovery
Icon
Rooting Process and Custom ROM installation
Icon
Rooting a Samsung Note 2
Icon
Flashing the Custom ROM to the phone
Icon
Summary
3
3. Fundamental Building Blocks of Android Apps
Icon
3. Fundamental Building Blocks of Android Apps
Icon
Basics of Android apps
Icon
Android app components
Icon
Building DEX files from the command line
Icon
What happens when an app is run?
Icon
Understanding app sandboxing
Icon
Summary
4
4. Overview of Attacking Android Apps
chevron up
Icon
4. Overview of Attacking Android Apps
Icon
Introduction to Android apps
Icon
Understanding the app's attack surface
Icon
Threats at the client side
Icon
Threats at the backend
Icon
Guidelines for testing and securing mobile apps
Icon
Automated tools
Icon
Identifying the attack surface
Icon
QARK (Quick Android Review Kit)
Icon
Summary
5
5. Data Storage and Its Security
Icon
5. Data Storage and Its Security
Icon
What is data storage?
Icon
Shared preferences
Icon
SQLite databases
Icon
Internal storage
Icon
External storage
Icon
User dictionary cache
Icon
Insecure data storage – NoSQL database
Icon
Backup techniques
Icon
Being safe
Icon
Summary
6
6. Server-Side Attacks
Icon
6. Server-Side Attacks
Icon
Different types of mobile apps and their threat model
Icon
Mobile applications server-side attack surface
Icon
Strategies for testing mobile backend
Icon
Summary
7
7. Client-Side Attacks – Static Analysis Techniques
Icon
7. Client-Side Attacks – Static Analysis Techniques
Icon
Attacking application components
Icon
Static analysis using QARK:
Icon
Summary
8
8. Client-Side Attacks – Dynamic Analysis Techniques
Icon
8. Client-Side Attacks – Dynamic Analysis Techniques
Icon
Automated Android app assessments using Drozer
Icon
Introduction to Cydia Substrate
Icon
Runtime monitoring and analysis using Introspy
Icon
Hooking using Xposed framework
Icon
Dynamic instrumentation using Frida
Icon
Logging based vulnerabilities
Icon
WebView attacks
Icon
Summary
9
9. Android Malware
Icon
9. Android Malware
Icon
What do Android malwares do?
Icon
Writing Android malwares
Icon
Registering permissions
Icon
Malware analysis
Icon
Tools for automated analysis
Icon
Summary
10
10. Attacks on Android Devices
Icon
10. Attacks on Android Devices
Icon
MitM attacks
Icon
Dangers with apps that provide network level access
Icon
Using existing exploits
Icon
Malware
Icon
Bypassing screen locks
Icon
Pulling data from the sdcard
Icon
Summary
11
Index
Icon
Index

Guidelines for testing and securing mobile apps

There are multiple organizations providing guidelines for testing and securing mobile apps. The most common ones include OWASP Mobile Top 10 and Veracode Mobile App Top 10. Additionally, there are also guidelines from Google itself on how to secure Android apps by showing examples of what not to do. Having knowledge on these guidelines is important in order to understand what to look for during a penetration test.

Let's have a brief look at OWASP Mobile Top 10 Vulnerabilities.

OWASP Top 10 Mobile Risks (2014)

The following diagram shows the OWASP Top 10 Mobile Risks, which is a list of top 10 mobile app vulnerabilities released in 2014. This is the latest list as of writing this book:

The following are the top 10 vulnerabilities and we will have a deeper look into each of these vulnerabilities in the following sections:

  • M1: Weak Server-Side Controls

  • M2: Insecure Data Storage

  • M3: Insufficient Transport Layer Protection

  • M4: Unintended Data Leakage

  • M5...

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Hacking Android
End of Section 4
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon