MODULE 01 : Lab Setup
Lab Setup :-: Introduction to Virtual Box
Lab Setup :-: Introduction to VMware
Lab Setup :-: Installing Genymotion and Creating Virtual Android Device
Lab Setup :-: Installing Mobexler
Lab Setup :-: Configuring Santoku
Lab Setup :-: Configuring Appuse
MODULE 02 : Introduction to Android System
Android Architecture
Android Application Files
ADB Introduction
MODULE 03 : Static Analysis
Static Analysis :-: Jadx
Static Analysis :-: JD-GUI
Static Analysis :-: APK-Tool
Static Analysis :-: Android Studio
Static Analysis :-: Bytecode Viewer
Static Analysis :-: QARK (Quick Android Review Kit)
MODULE 04 : DIVA Beta Application
DIVA :-: Insecure Logging
DIVA :-: Hardcoding Issues Part 1
DIVA :-: Hardcoding Issues Part 2
DIVA :-: Insecure Data Storage Part 1
DIVA :-: Insecure Data Storage Part 2
DIVA :-: Insecure Data Storage Part 3
DIVA :-: Insecure Data Storage Part 4
DIVA :-: Input Validation Issues Part 1
DIVA :-: Input Validation Issues Part 2
DIVA :-: Input Validation Issues Part 3
DIVA :-: Access Control Issues Part 1
DIVA :-: Access Control Issues Part 2
DIVA :-: Access Control Issues Part 3
MODULE 05 : OWASP Top 10 2014
M2: Insecure Data Storage
M3: Insufficient Transport Layer Protection
M4: Unintended Data Leakage
M5: Poor Authorization and Authentication
M6: Broken Cryptography
M7: Client Side Injection
M8: Security Decisions Via Untrusted Inputs
M9: Improper Session Handling
M10: Lack of Binary Protections
MODULE 06 : OWASP Top 10 2016
M1: Improper Platform Usage
M2: Insecure Data Storage
M3: Insecure Communication
M4: Insecure Authentication
M5: Insufficient Cryptography
M6: Insecure Authorization
M7: Client Code Quality
M8: Code Tampering
M9: Reverse Engineering
M10: Extraneous Functionality
MODULE 07 : Dynamic Analysis
7.1 Burp Suite Pro Installation
7.1.2 Burp Suite Introduction – Dashboard and Target Tab
7.1.2.1 Burp Suite Introduction – Proxy, Intruder and Repeater Tab
7.1.2.2 Burp Suite Introduction – Sequencer, Decoder, Comparer, Logger Tab
7.1.3 Capture Application Traffic for Android Version less than 7
7.1.4 Capture Application Traffic for Android Version 7 or Greater
7.2 Mobile Security Framework (MobSF)
7.2.1 MobSF Installation
7.2.2 Static Analysis through MobSF
7.2.3.1 Dynamic Analysis Part 1
7.2.3.2 Dynamic Analysis Part 2
7.3 Drozer
7.3.1 Application Testing Through Drozer – Part 1
7.3.2 Application Testing Through Drozer – Part 2
MODULE 08 : Hand on Testing Application and Live Application
Android Application – 01
Android Application – 02
Android Application – 03
Android Application – 04
Android Application – 05
Bonus :-: Application for Testing
Assignments
Android File Structure