更新时间:2021-07-16 12:14:06
coverpage
Learning Pentesting for Android Devices
Credits
Foreword
About the Author
Acknowledgments
About the Reviewers
www.PacktPub.com
Support files eBooks discount offers and more
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Chapter 1. Getting Started with Android Security
Introduction to Android
Digging deeper into Android
Sandboxing and the permission model
Application signing
Android startup process
Summary
Chapter 2. Preparing the Battlefield
Setting up the development environment
Useful utilities for Android Pentest
Chapter 3. Reversing and Auditing Android Apps
Android application teardown
Reversing an Android application
Using Apktool to reverse an Android application
Auditing Android applications
Content provider leakage
Insecure file storage
OWASP top 10 vulnerabilities for mobiles
Chapter 4. Traffic Analysis for Android Devices
Android traffic interception
Ways to analyze Android traffic
HTTPS Proxy interception
Extracting sensitive files with packet capture
Chapter 5. Android Forensics
Types of forensics
Filesystems
Using dd to extract data
Using Andriller to extract an application's data
Using AFLogical to extract contacts calls and text messages
Dumping application databases manually
Logging the logcat
Using backup to extract an application's data
Chapter 6. Playing with SQLite
Understanding SQLite in depth
Security vulnerability
Chapter 7. Lesser-known Android Attacks
Android WebView vulnerability
Infecting legitimate APKs
Vulnerabilities in ad libraries
Cross-Application Scripting in Android
Chapter 8. ARM Exploitation
Introduction to ARM architecture
Setting up the environment
Simple stack-based buffer overflow
Return-oriented programming
Android root exploits
Chapter 9. Writing the Pentest Report
Basics of a penetration testing report
Writing the pentest report
Security Audit of
Table of Contents
1. Introduction
2. Auditing and Methodology
3. Conclusions
Index
