Null offensive hacking hands-on training.
Proposed sessions for this event:
- Android Security by Nikhil P Kulkarni
- Android Security by Arun.S
- Android Security by Divyanshu Shekhar
Android Securityby Nikhil P Kulkarni
You can register by doing the following:
- Click on the register button to register yourself for this session
- Make sure you fill the Google form- Android Humla Google form
- Only the participants who have registered here AND filled the Google sheet will be considered for this session
Registrations will close on March 27th 10:00 PM. Only the participants who registered and filled in the google form will be sent a confirmation email with the venue details. Please note that this session is limited to 30 participants only and It's the prerogative of the champion to select the participants based on the responses received.
This email will be sent by Wednesday March 29.th 10:00 AM.
Please read the following instructions carefully. This will enable us to have a smooth, hassle free session.
The champion will be covering the following topics during the Humla Session:
• Introduction to Android
• Android Security Architecture
• Android Permission model
• Application Sandboxing
• Setting up Android Emulator
• Setting up a Mobile Pentest Environment
• Inspecting Application Certificates and Signatures
• Signing Android Applications
• Verifying Application Signatures
• Investigating app permissions through manifest file
• Bypassing Android Permissions
• Introduction to Drozer
• Using Drozer to find and exploit vulnerabilities
• Dynamic and static analysis of the application
We will be using one of the open source vulnerable android application to test during the demo and hands on.
• Carrying a laptop is mandatory
• Laptop with full administrative access since you will be installing software.
• Make sure to have free space of atleast 10 GB on your laptop and with minimum 4 GB RAM
• Basic knowledge on Android
• VirtualBox 5.x.x installed. Please install this and come before the session. VMWare will not be supported.
• Geny Motion Community Edition .Please install this and come before the session. https://www.genymotion.com/fun-zone/
• PuTTY to SSH into the VM. This is for Windows hosts. https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe
• BurpSuite free edition
• Any of the following OS : OSX , Win 7 and above, Ubuntu 12.0.4 and above
|Saturday April 01 2017