Android App Security AuditingFri, June 12 - Sun, June 14, 2015 Sam BowneEntire Class Page · Home Page
|
AbstractStudents will set up an environment that makes it easy to test Android apps for common security flaws such as insecure data transmission, insecure file storage, and data exposure in logs and memory dumps.We will use Android Studio, Burp, VirtualBox, Genymotion, and the Google Play Store. Students need to have laptops. Macs and Linux machines work best, but Windows can also be used. Reference Book"Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018 Buy from Amazon
PresentationAndroid Security Auditing (pptx)Vulnerable Android Financial Apps
Project 1: Complete Android Auditing SystemDo One of TheseUbuntu Prep for Android Security AuditingMac or Windows Prep for Android Security Auditing Do All of TheseMaking a Signed App with Android StudioGenymotion and Google Play for Android Security Audits Observing the TD Ameritrade Log Trojaning the Charles Schwab App OptionalGenymotion & Burp Prep for Android Security AuditingProject 2: SSL Auditing ProxyMaking an SSL Auditing Proxy with a Mac, Burp, and pfComparing Secure and Insecure iOS Apps (not public yet) More ProjectsMore Projects |