Version Tomorrow is the first day of the rest of your life

workshop: Android Application Pentesting 101

How to Hack Android Applications for Beginners

Event large

Have you ever wondered what kind of vulnerabilities exist in mobile applications, how to exploit them and how to modify existing android applications? This workshop does not cover the less technical topics such as the history of Android, but it will give you an introduction to the world of mobile application penetration testing. We will be using a 70% hands-on approach and 30% lecture style format.

#DeviceSecurity #NetworkSecurity #Training

Have you ever wondered what kind of vulnerabilities exist in mobile applications, how to exploit them and how to modify existing Android applications? This workshop does not cover the less technical topics such as the history of Android, but it will give you an introduction to the world of mobile application penetration testing. We will be using a 70% hands-on approach and 30% lecture style format.
Attendees should expect to work under guidance on given tasks during the workshop. The workshop also includes an introduction to common Android application issues, hints on how to exploit those and a follow up explanation. After the workshop attendees should be able to identify and exploit common Android application vulnerabilities and also to modify and extend them.

Overview


Topics:

  • Introduction to Android Internals

  • OWASP and Mobile Application Testing

  • Introduction to Workshop VMs

  • Reconaissance Phase of a Mobile Application Test

  • Native Android Tools

  • MITM Vulnerabilities

  • Authorisation Bypasses

  • Reversing of Android Applications

  • Other Common Android Application Vulnerabilities


Who should attend this course


Anyone that has a desire to understand how Android mobile applications work and what risks they can expose.

Requirements


Basic understanding of scripting concepts, basic Linux knowledge.

What you should bring with you:



  • Operating system with at least 4GB of RAM (8GB recommended) and at least 25 GB of free disk space

  • Virtualization software capable of running OVA

  • Willingness to learn and have fun!


What we will provide:



  • Pre-configured penetration testing environment and a virtual Android device

  • Workshop materials


Trainer


Christian Becker and Tim Guenther work as penetration testers for Context Information Security in Germany. They both have several years of experience in performing penetration tests such as in the areas of application testing, infrastructure testing, testing of mobile applications and devices as well as others. They also run local OWASP meetings in the Ruhr area of Germany.