Practical recipes to delve into Android’s security mechanisms by troubleshooting common vulnerabilities in applications and Android OS versions
Overview
- Analyze the security of Android applications and devices, and exploit common vulnerabilities in applications and Android operating systems
- Develop custom vulnerability assessment tools using the Drozer Android Security Assessment Framework
- Reverse-engineer Android applications for security vulnerabilities
- Protect your Android application with up to date hardening techniques
What you will learn from this book
- Set up the Android development tools and frameworks
- Engage in Application security concepts
- Use the Drozer Android Security Assessment Framework
- Customize and develop your own plugins for the Drozer Framework
- Exploit, enumerate, and analyze common application level exploits
- Protect applications from common vulnerabilities and exploits
- Reverse-engineer applications for common code level vulnerabilities
- Secure application networking, SSL/TLS
- Encryption to protect application data
Make the most of the Bash shell and Kali Linux’s command line based security assessment tools
About This Book
- Utilize the command line to create, run, and execute tests
- Learn useful command line based information processing utilities and unlock the problem solving power of a Linux terminal
- Practical demonstrations using in-depth explanations and screenshots to help you use the Linux Bash terminal to tackle a collection of common security-related problems.
Who This Book Is For
If you are a penetration tester, system administrator, or developer who would like an enriching and practical introduction to the Bash shell and Kali Linux command-line-based tools, this is the book for you.
What You Will Learn
- Perform network enumeration techniques with Dig, whois, dnsenum, dnsmap, and others
- Learn how to fuzz and reverse engineer using the Kali Linux command line tools
- Exploit common web application vulnerabilities using skipfish, arcachi, and sqlmap
- Accomplish man-in-the-middle attacks straight from your command line
- Assess SSL security using sslyze and openssl
- Carry out network traffic analysis using tcpdump