From the course: Android App Security: A Structured Approach to Pen Testing


Code analysis


- [Educator] MobSF handles static code analysis pretty well; you just need to go down the side menu under security analysis and just click on code analysis. Code analysis will tell you about hard-coded usernames and passwords, cryptographic keys or even possible exposure in IP addresses. All you need to do is just go to the links provided adjacent to these discoveries and browse them yourself, because there is a good chance that some of them may turn out to be false positives. It can also tell you about errors in SQL query parsing that may lead to SQL injection. MobSF has several other fantastic features like performing a basic malware analysis on the APK file using YARA rules by VirusTotal. It can also do basic reconnaissance on the URLs, Firebase DB, email IDs and trackers discovered within the application. It'll also tell you a list of strings that are discovered in the application. Which could give you some idea about…
