Android App Security Auditing

Fri, Mar 13, 2015 Sam Bowne

Entire Class Page · Home Page


Abstract

Students will set up an environment that makes it easy to test Android apps for common security flaws such as insecure data transmission, insecure file storage, and data exposure in logs and memory dumps.

We will use Android Studio, Burp, VirtualBox, Genymotion, and the Google Play Store. Students need to have laptops. Macs and Linux machines work best, but Windows can also be used.

Reference Book

"Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018 Buy from Amazon

Presentation

PowerPoint
Vulnerable Android Financial Apps

Projects

Do One of These

Ubuntu Prep for Android Security Auditing
Mac or Windows Prep for Android Security Auditing

Do Both of These

Genymotion and Google Play for Android Security Audits
Trojaning the Bank of America App

Optional

Genymotion & Burp Prep for Android Security Auditing

More Projects

Last Updated: 3-13-15 7:19 am