Abstract

Agenda:

1. Basics of android and android applications

2. Privilege and permission in android

3. Let's get friendly

4. Building the virtual machine/environment

  • Installing AppUse/Droider
  • Android Studio
  • Genymotion
  • All other small and big tools

5. Static Analysis of the application

  • APK DE-compilation
  • Jar, DEX, SMALI ...
  • Finding what you are looking for
  • SSL Pinning and bypass
  • Recompiling the apk
  • Insecure Storage

6. Dynamic analysis of the application

  • Exported components and issues
  • What to do with a broadcast?
  • Capturing the application traffic
  • Finding new scope and getting ahead of masses
  • Web related vulnerabilities
  • Session manipulation
  • Drozer and its power
  • Run time execution

7. Most common mobile vulnerabilities and how to find them

8. Earning money, the cool way

Prerequisites:

  • Great sense of humor
  • Lack of shyness while asking questions
  • Love towards application security
  • Movie buff
  • Basics of android security
  • Laptop: 8GB RAM, 50 GB free HDD, Android Mobile/Tab

Speaker

Abhinav Mishra

With the unconditional love towards security, be it applications or networks, I have been hacking since 9+ years. Founded ENCIPHERS, a security consulting and training company.

Timing

Starts at Thursday April 28 2016, 01:45 PM. The sessions runs for about 3 hours.

Resources