Learning Pentesting for Android Devices
By Aditya Gupta
Publisher: Packt Publishing
Final Release Date: March 2014
Pages: 154

In Detail

Android is the most popular mobile smartphone operating system at present, with over a million applications. Every day hundreds of applications are published to the PlayStore, which users from all over the world download and use. Often, these applications have serious security weaknesses in them, which could lead an attacker to exploit the application and get access to sensitive information. This is where penetration testing comes into play to check for various vulnerabilities.

Learning Pentesting for Android is a practical and hands-on guide to take you from the very basic level of Android Security gradually to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use in order to perform real life penetration testing on Android devices and applications.

The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.

We will then move to a dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device. We will then learn some different ways of doing Android forensics and use tools such as Lime and Volatility. After that, we will look into SQLite databases, and learn to find and exploit the injection vulnerabilities. Also, we will look into webkit-based vulnerabilities; root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.

Approach

This is an easy-to-follow guide, full of hands-on and real-world examples of applications. Each of the vulnerabilities discussed in the book is accompanied with the practical approach to the vulnerability, and the underlying security issue.

Who this book is for

This book is intended for all those who are looking to get started in Android security or Android application penetration testing. You don’t need to be an Android developer to learn from this book, but it is highly recommended that developers have some experience in order to learn how to create secure applications for Android.

Product Details
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillyLearning Pentesting for Android Devices
 
5.0

(based on 1 review)

Ratings Distribution

  • 5 Stars

     

    (1)

  • 4 Stars

     

    (0)

  • 3 Stars

     

    (0)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (0)

Reviewed by 1 customer

Displaying review 1

Back to top

 
5.0

Easily Learn Pentesting

By Maydin

from Turkey

About Me Developer

Verified Reviewer

Pros

  • Accurate
  • Concise
  • Easy to understand
  • Helpful examples
  • Well-written

Cons

    Best Uses

    • Expert
    • Intermediate
    • Novice

    Comments about oreilly Learning Pentesting for Android Devices:

    The book is a very nice introduction to pentesting for Android Devices. It is very easy to follow the book and you dont need to open your notebook to follow the book. It covers many aspects of security of apps and devices. Some topics covered are reverse engineering, network traffic analysis, auditing android apps, etc..Both novice and experienced Android developers can read the book. In every chapter, one aspect of android app or device security is discussed. Tools used for security and pentesting are introduced and usage of the tools are shown step by step. I learnt many new information and tools from this book. In the last chapter it has even a template for pentesting report. I recommend this book to people who wants to get introduced to android security and pentesting.

    Displaying review 1

    Back to top

     
    Buy 2 Get 1 Free Free Shipping Guarantee
    Buying Options
    Immediate Access - Go Digital what's this?
    Ebook: $17.99
    Formats:  ePub, Mobi, PDF